• 703-891-5000
  • info@targetlabs.net
  • 8300 Old courthouse road, Suite. 250, Vienna, VA - 22182

SECURITY COMPLIANCE ENGINEER

07-03-2012

SECURITY COMPLIANCE ENGINEER

Title: Security Compliance Engineer

Location: Scottsdale, AZ

Travel Required: None required

T&E Provided: Yes

 

Responsibilities:

The engineer will be responsible for the following:

  • - Understand contractual requirements with assigned customers.
  • - Deliver customer security solutions.
  • - Understand, communicate and administer established IT security policy.
  • - Assist solution design teams on technical specific security requirements.
  • - Contribute on a proactive basis to trend analysis and policy development.
  • - Review and approve change management and new customer requests from a security and risk management perspective.
  • - Second Level support for security related end user problems.
  • - Perform security trend and technology related research as necessary.
  • - Implement vulnerability, detection and protection security systems.
  • - Implement security audit gaps results into the build and implementation project phase.
  • - Define and realize plans concerning technical content and innovation in such way that will contribute adequately to the realization of Security Management.
  • - Assist in internal and external security audits.
  • - Review and when needed improve the Security Management process.

 

Qualifications:

Position Requirements: No clearance required.

Desired Education: Bachelor's Degree preferred.

Desired Experience:

  • - 3-5 years of experience working in systems engineering on a specific OS (AIX, Linux or Microsoft Windows) or storage infrastructure.
  • - 3-5 years of experience in Information Security with a focus of Security Management.
  • - Experience implementing patch management initiated Vulnerability Scans, IT Risk Assessment and Firewall/Server/Network devices baseline reviews.
  • - Expertise in Implementation of Security Needs: Audits, planning, design, implementation, testing, and management.
  • - Strong understanding for various IT security standards and practical experience implementing it within the IT framework of an organization.
  • - Strong understanding and practical experience of multiple compliance framework like ISO 27001, SAS70, COBIT, ITIL, SOX or PCI.
  • - Excellent knowledge in access management/controls and have working experience in implementing it by applying a model and/or using a tool or system.
  • - Competent in security strategies and technologies including operating systems security, secure network, web and database services, penetration testing, access control, system monitoring and cryptography.
  • - Experienced at implementing or managing risk management/methodology, processes and tools.
  • - Ability to evaluate enterprise-wide impacts and make recommendations to approach issues and mitigate potential risks to an acceptable level.
  • - Experienced with solving complex technical security issues through design of security controls within a development lifecycle, provide recommendations to operational processes in service delivery, etc.
  • - Experienced in handling challenging security incidents and participation in audit demands, communicate with internal & external customers management.
  • - Extremely process and detail oriented.
  • - Strong written and verbal communication skills.


  •  

Desired Certifications:

  • - Relevant security certifications are desirable but not mandatory, such as CISSP, CISM or CISA.
  • - General network certifications (CCNA, etc) preferred.