Randstad Security Solutions Consultant in Wilmington, Delaware
Security Solutions Consultant
Wednesday, October 5, 2016
We have an excellent opportunity for a Security Solutions Consultant
This role will be responsible to ensure new solutions developed or purchased are implemented according to all security controls requirements.
The individual is expected to deliver concise security requirements, review project designs against security requirements, and ensure security controls are operating effectively prior to project closure.
This role is expected to provide strategy and execution components that support corporate direction, regulatory compliance and security best practices.
Management Reporting through well-defined metrics is required on a regular basis.
This individual must have a high degree of business acumen and be able to articulate and defend security position to technical project teams and to Management.
This individual must stay current on technology trends, directions, and best practices as they relate to IT security.
Experience and knowledge in a corporate environment with the following;
Provide clear and concise security requirements that meet corporate direction, regulatory requirements and security best practices
Review project solutions designs to ensure security requirements are met in both SDLC and Agile formats.
Implement security solutions, and provide technical leadership during the design, development, and testing phases of major initiatives.
Ensure security controls are implemented and operating effectively as part of solutions delivery
Be able to articulate and defend security positions
Research, formulate and present detailed security positions relative to new technologies to Senior Information Security Leaders
Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels
Managing and reporting status of identified risks
Knowledge, Skills, Education, Experience, and Competencies:
4 year college degree in a technical discipline or 10 year equivalent practical experience;
Applicable industry recognized security or technical certifications
Must be able to drive security and create and defend security position within project teams
Must be able to communicate effectively orally and written to Executive Management
Demonstrated analysis, planning, design, engineering and implementation experience of appropriate security controls within solutions delivery
Ability to design and review network designs for perimeter and internal environments
Detailed knowledge of:
firewalls, network routing, Internet Security and Virtual Private Networking
cryptographic systems and algorithms, key management and practices
infrastructure security including Windows/Linux/Unix systems, Oracle and SQL databases
operational security including access controls, data privacy, monitoring and logging and availability requirements that meet corporate Business Continuity strategies
Knowledge of regulatory requirements, security standards and compliance issues (FFIEC guidelines, Sarbanes Oxley, GLBA, ISO 27001, CobiT v4.0, and Payment Card Industry Data Security Standard (PCI DSS)).
Experience with root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture preferred.
In addition to security, proficient in other IT control areas (i.e., change management, SDLC, and Agile Operations).
Strong project management (and time management) skills required. Ability to work on numerous projects/activities simultaneously. Ability to communicate effectively in a project environment and articulate/defend security positions.
Proven interpersonal skills and ability to take a leadership role. The ability to communicate with management and peers to build and sustain cohesive relationships.
Superior attention to details.
Able to work well with and communicate effectively with all levels with the IT Organization.
Able to quickly grasp the big picture, yet remained focused on coordinating tasks at the detailed level
Industry security certifications preferred (CISSP, CISM, CISA, CCNA etc)