IN ORDER TO BE CONSIDERED FOR THIS POSITION, THE FOLLOWING BASIC QUALIFICATIONS MUST BE EVIDENT ON YOUR RESUME
GED/High School Graduate
Years of Experience
15+ years of IT experience with a GED/High School Graduate
11+ years of IT experience with Associate Degree
7+ years of IT experience with a Bachelor’s Degree
5+ years of IT experience with a Master’s Degree
Experience creating risk mitigation strategies
Strong demonstrated knowledge of IT risk management gained as a practitioner
Five years of experience with Information Security and Risk related processes, technologies and toolsets
Proven experience performing controls testing in compliance and vendor related audits or assessments for a large organization
Extensive knowledge of security and privacy law/regulations, especially SOX, PCI, GLBA, HIPAA
Extensive knowledge of Industry Information Technology Standards and Control Frameworks (NIST, ISO 27000 series, COBIT, COSO, etc)
Broad knowledge of many aspects of information security with in-depth understanding and hands-on experience of many of the following areas: Firewalls, IDS/IPS, VPN, Authentication technologies, Web Filtering, Proxy Firewalls, network taps, and tap aggregators.
Knowledge of a broad range of technologies including, but not limited to: Endpoints – Desktop, Laptop, Servers, and Mobile – Hardware and OS, Networking – Voice and Data, Storage and Databases, Virtualization, Middleware and Web, Cloud – Internal and External/Public – Infrastructure and Software
Identity and Access Management – Active Directory & LDAP – Federation & SSO
Vulnerability Scanning and Penetration Testing
Knowledge and understanding of different security products (web/email filtering, disk encryption, IDS/IPS, antivirus, vulnerability scanning, DLP, firewall, SIEM etc.)
Information Security, Privacy and Governance, Risk & Compliance (GRC) certifications a plus (SSCP, CIA, CISA, CISSP, CRISC, CISM, CIPP, GIAC etc.)
Extensive background in all aspects of information security, technology governance and compliance processes.
Expert knowledge in risk assessment methodologies, security frameworks and relevant global regulations.