Sr. Information Security Specialist (applications & infrastructure)

Sr. Information Security Specialist (applications & infrastructure)

New York, NY
9392467
05-31-2017
or
Intermedia Group has the following open position with our client:

TITLE: Sr. Information Security Specialist (applications & infrastructure)
LOCATION: Midtown Manhattan
EMPLOYMENT TYPE: FULL-TIME SALARIED EMPLOYMENT (will consider try/buy)

CLIENT: FORTUNE 100 ENTERTAINMENT FIRM
ONLY LOCAL NY/NJ based CANDIDATES WILL BE CONSIDERED
NO H1s


SUMMARY:
We are looking for seasoned Information Security Professional with 7+ years of experience in security operations, application development security, infrastructure security, security risk assessments, audits, compliance, governance, high-level risk management

Duties and Responsibilities
  • Security architecture design, administration, and support for ongoing IT and Web initiatives
  • Provide security protection to company’s information technology systems and data
  • Security risk assessment and remediation for business processes, enterprise infrastructure and applications
  • Conduct periodically risk assessments, vulnerability assessments and threat analyses to be able identifying and managing associated risks
  • Develop and facilitate deployment of information security governance documents: policies, frameworks, programs, procedures, and audits
  • Define, develop, and implement security models for Intellectual Rights Management, data confidentiality classification
  • Proactively monitor security threats and vulnerabilities; event management and logging, identify and prevent potential intrusions using SIEM, DLP, IPS/IDS, other tools; advanced malware/Threat analysis and protection
  • Plan and execute security related projects, e.g., deploying new security solutions and best practices, providing guidance to company’s engineering and QA teams
  • Establish, monitor, evaluate and report key security performance and risk assessment indicators to provide management with accurate evaluation of the enterprise security state and the information security program effectiveness
  • Compliance assessment and reviews; alignment of security controls for business processes and applications with applicable regulatory governing documents like SOX, PCI, COPA, Safe Harbor, ISO 27001, OWASP  
  • Develop and maintain User Security Awareness program: organize and provide security training to employees, contractors, interns
  • Monitor and study relevant media and specialized vendor resources, provide assessment and recommendations to address emerging threats, vulnerabilities
  • Site Security Assessment of corporate premises, third parties, cloud services
 
Qualifications
  • A Bachelor or Master’s degree preferred, Computer Engineering or Computer Science; required at least 7 years of progressive information security experience
  • One of Major InfoSec Certifications (CISSP, CISM, SANS) is a must
  • Information Security Architecture
  • Integration with Business, Information, Technology Architectures
  • Securing business processes, applications, and infrastructure
  • Security aspects for N-tiered application architecture and web based applications
  • Authentication, authorization, data confidentiality, non-repudiation, integrity, audit logging
  • Linux and Windows scripting, command line utilities (Shell, Visual Basic, Perl, Python, awk)
  • Security policies and best practices; developing governance documents, certificate management
  • Identity management and role based user access control, end point security 
  • Password management and SSO implementation
  • Network security, TCP/IP, DNS, DMZ, Firewalls, Application Firewalls (Web, XML, Database), best practice design and deployment; hardening hardware/software, secure VPN and FTP, Forward and reverse proxies
  • Virtualized, cloud, mobile environments, MDM
  • Security specifics in applications development and custom codes - PHP, ASP, Java, C# platforms
  • Hardening J2EE, Tomcat, Web servers (IIS, Apache)
  • Windows and Linux security models, basic administration and audit
  • Databases (Oracle, MS SQL) – audits, data encryption at rest and in transit
  • Browser security concepts (e.g. Tokens), risks (e.g. XSS); configuring SSL/TLS, PKI servers
  • LDAP (Oracle Sun One preferred), Active Directory, including administration and design of custom LDAP schemas
  • Vulnerability assessments and IT auditing
  • Incident response and digital forensics experience
  • Experience in organizing and leading projects with managed security service providers
  • Assess and manage Third Party’s Security  
 
If you are interested in pursuing this opportunity, please respond back and include the following:
• Full MS WORD Resume
• Current and required compensation
• Contact information
• Availability
 
Upon receipt, one of our managers will contact you to discuss in full
 
Steve Fleischner
Managing Director
INTERMEDIA GROUP, INC.
131 Varick Street
Suite 936
New York, NY 10013
Voice: 212-248-0100

Email: sfleischner@intermediagroup.com
Corporate Web Site: www.intermediagroup.com
OPEN JOB LIST: http://intermediagroup.com/jobs

Recruiter Contact


Steve Fleischner | Managing Partner
sfleischner@intermediagroup.com
Intermedia Group Inc. | New York, NY
Main: (212) 248-0100
this job portal is powered by CATS