Home > Jersey Shore jobs > Jersey Shore computer/technical

Posted: Tuesday, February 6, 2018 6:38 PM

Requisition ID 50773BR
Title IT Security Specialist II
Job Category Information Technology
Job Description PURPOSE:
Supports daily security operations and wide range of IT security activities including network and system security monitoring, tuning and management of IT Security systems and applications in addition to supporting incident response activities. Individuals in this position will also have additional duties assisting with the implementation of IT security strategy and serving as a security advisor to ensure IT systems are implemented and maintained to the highest security standards. Individuals in this position will demonstrate expertise of current enterprise technologies and will also be responsible for performing technical risk and vulnerability assessments at the network, system and application level. Some responsibilities developing and implementing security controls and formulating operational risk mitigations.
Reports directly to the Director IT Security and Quality. Will work closely with IT operations staff, application development teams, project managers, external IT vendors and consultants, Legal and Human Resources Departments in addition to supporting the global IT security organization.
While the IT Security Specialist II will have a broad range of daily responsibilities this position will have specific duties regarding the administration, tuning, and maintenance of TippingPoint Intrusion Prevention Systems (IPS) in order to ensure that operational effectiveness and service levels are appropriately maintained.
Assists in developing implementation plans, project schedules and deliverables while working within budget guidelines. Assists in the development and implementation of security policies, procedures, and best practices. Assists in the IT Security planning and budgeting process. Performs systems administration, upgrades and change management for IT Security systems and applications. Experience with network intrusion detection and intrusion prevention technologies and packet level network traffic analytic tools such Wireshark. Researches and evaluates new security tools, techniques and technologies and introduces them in to the enterprise in alignment with IT security strategy. Experience with common security, vulnerability assessment and penetration tools including Nessus, nmap, WebInspect, AppDetective, and Metasploit desirable. Familiarity with cryptographic principals, and common encryption schemes such as symmetric/asymmetric encryption, hashing, SSL/TLS, IPSec, PGP, S/MIME, SSH, PKI. Familiarity with security standards and guidelines such as ISO 27002, COBIT, SARBOX, CIS Benchmarks, NIST, PCI and HIPAA. Functional knowledge of programming, scripting and markup languages such as C++, Java, Perl, Ruby, Python, PHP, Visual Basic, ASP, HTML, XML, XSS, .Net/C and shell scripting desirable. Knowledge of incident handling processes, methods and best practices. Knowledge of MS:SQL, Oracle, and MySQL databases and database level security controls desirable. Knowledge of network, system, and application forensics as well as basic chain of custody, evidence preservation and digital investigative techniques. Knowledge of web application security best practices, web application testing methodologies and tools as well as OWASP guidelines. Strong knowledge of centralized logging and security event management best practices, , event correlation, as well as experience with UNIX and network equipment syslog data, Windows Event Log, and application (database, web server, dns, dhcp, ) log analysis. Strong working knowledge of Linux, UNIX, and Windows operating systems as well as hardening standards and methodologies for each. Strong understanding of TCP/IP networking including switching and routing protocols, OSI Model, and packet level analysis.
Approximately 15 overnight travel
Additional Information QUALIFICATIONS


• Location: Jersey Shore, plainsboro

• Post ID: 53683217 jerseyshore is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2018