Responsibilities: Researches and assists in the piloting the evaluation of new tools technologies technical controls and processes to support and enforce defined security policies. Participates in a variety of information security functions Vulnerability Management Penetration Testing Incident Response Audit Governance Solution Design. Works with various infrastructure teams and business units to ensure policy compliance and adherence to security best practices. Monitors system logs SIEM tools and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution Assists in the development and documentation of security architecture policies standards and procedures. Collates security incident and event data to produce monthly management and exception reports. Measures and reports on the technical metrics of security controls. Works with outsourced vendors that provide information security functions for compliance with contracted service-level agreements. Participates in the operation of incident management including detection response and reporting. Contributes to a knowledgebase comprising a technical reference library security advisories and alerts information on security trends and practices and laws and regulations. Participates in the day-to-day activities of threat and vulnerability management identify risk tolerances recommends treatment plans and communicates information about residual risk. Participates in security projects and provides expert guidance on security matters for other IT projects. Ensures audit trails system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Validates baseline security configurations for operating systems applications and networking and telecommunications equipment Provides second and third-level support and analysis during and after a security incident. Assists Lifespan staff in the resolution of reported security incidents. Participates in security investigations and compliance reviews as requested by internal or external auditors. Supports Lifespans Legal e-discovery processes to include identification collection preservation and processing of relevant data. Participates in GRC (Governance Risk Compliance) activities surrounding policies exceptions risk register and compliance requirements such as HIPAA PCI and JMC. Researches and assess new threats and security alerts and recommends remedial actions. EXPERIENCE: Aminimum of ten years of IS experience with five years in an information security role. Abachelor&39;s degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred. Certifications Required (3 or more - CISSP CCSP OSCP CISA CRISC GIAC CEH Security+) Certifications Preferred (Technology Certifications - Cisco Microsoft Linux) Expert level in security best practices. Intermediate level with Wireshark and/or equivalent packet capture and analysis Strong understanding of networking technologies from architecture best practices to packet analysis Experience with patch management device hardening configuration auditing and other end point security best practices. Familiarity with the principles of cryptography and cryptanalysis. Understanding of Public Key Infrastructure Experienced in the use of virtualization technologies Knowledge of and experience in developing and documenting security architecture and plans including strategic tactical and project plans. In-depth knowledge of risk assessment methods and technologies. Proficiency in performing risk business impact control and vulnerability assessments. Excellent technical knowledge of mainstream operating systems [for example Microsoft Windows and Linux] and a wide range of security technologies such as network security appliances identity and access management (IAM) systems anti-malware solutions automated policy compliance tools and desktop security tools.
Futran solutions Woonsocket, RI
Millennium Info Tech Smithfield, RI
Adwait Algorithm Smithfield, RI
Futran solutions Woonsocket, RI
New York Technology Partners Woonsocket, RI