How to better integrate IT security and IT strategy

Organizations see a future in which IT security is deeply woven into their overall IT strategy. Here’s how they plan to get there.

Information security has become such an integral part of IT that at a growing number of organizations, the two are virtually indistinguishable — from an organizational standpoint.

Many companies are attempting to more tightly integrate IT security strategy with IT strategy. That can mean blending departments, changing leadership structures, and embedding security earlier in the development pipeline, among other tactics.

About two thirds of organizations say their IT security strategy and IT strategy are tightly integrated, with IT security being a key component of IT roadmaps and projects, according to CIO’s 2019 State of the CIO survey.

But looking ahead, the two become even more indistinguishable, with 83 percent of organizations expecting to tightly integrate IT security strategy into their overall IT strategy within the next three years.

Read more here

Senior Information Security Analyst Opportunity in Dallas, TX

If this opportunity is not a good match for your skills or you are not available but know someone who is, please forward this link to them as we pay referral fees for anyone you refer that we place with a client.

GENERAL FUNCTION:

The senior information security analyst provides technical leadership in support of implementing, maintaining, monitoring and troubleshooting a broad range of security infrastructure at the client company.  The role will serve as a consultant to internal and external parties in establishing security for CLIENT, its affiliates and its products.  The senior information security analyst will provide technical direction and support to more junior members of the team and to product teams who require security expertise in their projects.

DUTIES AND RESPONSIBILITIES:

· Monitor, analyze, and interpret security/system logs for events and incidents reflective of unauthorized access or operational irregularities and escalate for action as appropriate

· Serve as information security subject matter expert and actively assist CLIENT teams in the development of secure business solutions for medium to highly complex problems

· Work on multiple projects as the team member who leads the security design of the project

· Support security incident response as required

· Provide technical leadership and support for more junior level security personnel

· Monitor security advisories and ensure security updates, patches and preventive measures are in place throughout the relevant CLIENT computing environments

· Perform technical IT security risk assessments

· Analyze audit findings and make recommendations to lower security risks to acceptable levels

· Support information security awareness efforts throughout CLIENT

· Consult, advise and approve secure network design

· Ensure that security changes comply with company change management policies and procedures

· Author security policies, procedures, standards, and guidelines for computing infrastructure

· Establish and enforce operating system and application hardening standards

· Establish, maintain and monitor mechanisms to ensure protection against malware on company computing systems

· Automate security processes and tasks to achieve efficiencies and/or improved accuracy

KNOWLEDGE & SKILLS REQUIRED:

· Bachelor’s Degree in Computer Science or similar field of study, or have equivalent industry experience

· Minimum of ten years of technical IT experience, five of which were working as information security analyst

· Strong background working with security technologies: firewalls, intrusion detection, vulnerability scanning and remediation, security log management, network traffic analysis, privilege management

· Knowledge of regulatory compliance standards used in financial industry e.g. PCI, GLBA, SOX, SAS70

· Strong understanding of LAN, WAN, and wireless communications and protocols

· Strong knowledge of UNIX and Windows operating systems

· Prefer CISSP, GIAC, or CISM certification

· Must be able to juggle priorities and operate with little ongoing supervision

· Must have excellent teamwork skills

· Certification in Control Self-Assessment (CCSA) or Check Point Certified Security Expert (CCSE) certification preferred

· Familiarity with physical, administrative, and technical controls commonly used to secure information and systems

· Working experience with the Payment Card Industry Data Security Standards (PCI DSS)

· Hands-on experience with Active Directory deployment and maintenance

· Experience with and knowledge of Internet/Intranet networking protocols and services

· Advanced level of understanding of routed and switched networks

· Extensive experience with TCP/IP, routing protocols, and network sniffing technology

· Hands-on experience configuring and managing Cisco routers and switches

· Extensive experience with VPN technology

· Extensive knowledge of Encryption software

WORKING CONDITIONS:

· Office environment with limited exposure to extremes in dust, noise or temperature

· Extended hours of viewing of computer screens and use of computer mouse

· Position requires scheduling flexibility to support on-call work assignments and off hours security incident handling

If you have this experience, feel you are a fit for this position, and are interested, please answer the questions below:

1) Do you have an updated Word copy of your resume?

2) What is your availability to start?

3) Are you open to a direct-hire position?

4) What is your current salary or pay rate?

5) Are you currently eligible to work for any employer in the US?

6) When is the best time to contact you and what # can you be reached at for this opportunity?

Regards,

Mike Hanes
ProVisionTech

ProVisionTech Jobs – Dallas IT Jobs – Dallas Technical Jobs

Dallas IT Recruiter Guy

Integrity in Recruiting
972-200-7171


“Save Time, The Best Resources, Guaranteed!”

Posted via email from ptg’s posterous