Information Security Specialist
Purpose:
Liaise with vendor and client staff on information security controls
Liaise with Technology Services Application Development and Support Teams
Perform information security compliance assessment on all Company platforms and systems
Implement and maintain information security solutions in accordance with Company’s security standards and practices
Perform ongoing compliance monitoring and assessment of Company’s network environment
Provide second and third level support for information security solutions.
Main Responsibilities:
Provide information security-related consulting services to all areas of the company.
Monitor for security vulnerabilities within Company’s information assets, information processing systems and networking environment.
Perform periodic inspections and testing of Company platforms for potential intrusion and data compromise risks.
Develop and maintain DRP/BCP documentation, support and testing capabilities for information security.
Coordinate information security implementation for major application rollouts.
Provide second and third level support for information security products and services.
Requirements - Experience:
In-depth knowledge of standard tools, solutions and utilities for security administration (e.g., RACF, ACF2, Aelita, Norton Anti-virus, Intrusion Detection Systems, Cisco PIX, VPN, MS Active Directory)
University education in Computer Science or Engineering.
Completion or progressing towards recognized certification in information security or audit (CISSP, CISA, SSCP or equivalent designation).
At least three years of information security and/or IT Auditing experience.
Requirements - Qualifications:
Good understanding of the main Company computing and networking platforms such as IBM mainframes, Unix (AIX, Solaris), LAN servers and workstations (NT/2000, OS/2, Novell, Win9x), Cisco routers, Oracle and DB/2 DBMSs.
Understanding of security and audit-related standards and guidelines, e.g., ISO17799, GASSP, Section 5900.
Sound knowledge of standards Network Security tools, methods and practices
Extensive knowledge of the security environment across all Company platforms (system, application, database and resource access validation methods; logging, monitoring and reporting facilities), both native system solutions and add-on products.
Extensive knowledge of client Information Security Policies, Standards and Practices within the scope of Company security access requirements.
Good understanding of standard information security concepts around risks and vulnerabilities (product weaknesses, process deficiencies, denial of service attacks, viruses, etc.) and appropriate countermeasures.
Excellent understanding of information security principles and methods related to confidentiality, integrity, authentication, non-repudiation, privacy and administration.
Good knowledge of security threats and demonstrated ability to stay abreast of new developments and available solutions.
Familiarity with security monitoring, reporting and auditing tools across main computing and networking platforms.
Requirements - Other:
Good communication skills, including presentation of technical issues in non-technical terms.
Good analytical and organizational skills.
Excellent problem solving and troubleshooting skills.
Team player, self-motivated, able to work independently with minimal supervision.
Strong negotiation and relationship building skills.
Security specialist role is in Mississauga and they want someone hand on
90-95k.
|
