Security and Compliance Analyst

Location: Birmingham, Alabama
Date Posted: 12-04-2018
Position Title: Security and Compliance Analyst
Location: Birmingham, AL
Position Status: Contract to Hire
 
Position Description:
Our client is looking for Security and Compliance Analyst candidates for a position located in Birmingham, AL. The ideal candidate will be experienced with supporting the implementation and on-going support & administration of the Symantec DLP (Data Loss Protection) System environment and DB2 Security & Configuration Management system.
 
Responsibilities:
  • Assess procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction.  Make improvement recommendations.
  • Ensures compliance with organizational security rules and standards
  • Ensure compliance with internal application security controls
  • Prioritize remediation of gaps based on internal and external audits
  • Prepare security and compliance reports by collecting, analyzing, and summarizing data
  • Support SOX & PCI compliance through support of Enterprise Security Strategy initiatives
  • Support SOX & PCI Compliance by review of key controls and monitoring
  • Support of SOX Audit and PCI by collecting and tracking requested evidence.
  • Assist in planning and execution of vulnerability testing for application systems and the network environment
  • Assist in providing support of the enterprise vulnerability management program
  • Assist in providing support of the Security Operations Center (SOC)
Security/Governance
  • Proactively work with the platform managers to resolve weaknesses and security incidents identified within the DLP system  
  • Proactively work with the platform managers to resolve weaknesses in configuration and security definitions within the DB2 systems
  • Proactively review our environment to determine if there are any gaps in our SOX, PCI or security controls
  • Using installed tools and services identify security vulnerabilities
  • Take action to ensure reported vulnerabilities are remediated in a timely manner as approved by management
  • Work with other staff members as needed to remediate security weaknesses & vulnerabilities 
Compliance
  • Review DB2 changes to ensure security and configuration compliance
  • Review LAN/WAN changes submitted for update to the production environment
  • Review Application Changes to ensure a scan is performed when required
  • Ensures all policies are followed and proper documentation is on file
  • Provide system admin support for DB2 security & configuration system
  • Provide reports of weaknesses in configuration and security to the various platform managers for resolution
  • Research any issues that are raised during the various audits
  • Review and assist with user application security requests
Capabilities:
  • Experience in performing vulnerability scans and assessments as well as computer forensics
  • Knowledge of Information Security best practices and common processes
  • Knowledge of Windows and Linux vulnerabilities and exploits
  • Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
  • Ability to perform network protocol analysis and raw data capture
  • Knowledge of OWASP and PCI-DSS a plus
  • Self-motivated, self-directed and shows attention to detail while working
  • Works ethically and with integrity supporting organizational goals and values
  • Contributes to building a positive team spirit and treats others with respect
  • Maintains confidentiality of information and uses information appropriately
Required Education/Experience:
  • Bachelor’s degree required
  • Minimum of five years of experience in information technology and at least two years in information security and/or IT governance/compliance related roles
Required Skills:
  • Knowledgeable in the use of MS Office Software suite
  • Strong analytical, technical, and problem solving skills
  • Willing to share knowledge and assist others in understanding technical and business topics
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Security knowledge of one or more of the following platforms: Windows/Linux
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Ability to quickly understand security systems in order to identify and validate security requirements
Desired Skills:
  • Experience with DLP technologies strongly desired/preferred
  • Experience with DB2 environments preferred
About Seneca Resources:
Seneca Resources is a client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry.  Seneca Resources is a leading IT services provider with offices in Virginia, Alabama and Texas that service clients throughout the United States
 
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
 
 
or
this job portal is powered by CATS