Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Senior Information Security Specialist Ii/Iii/Iv

Expired Job

Federal Reserve Bank Minneapolis , MN 55415

Posted 3 months ago

The Federal Reserve Bank of Minneapolis is looking for an experienced and enthusiastic Information Security Engineer to become a team member of the dynamic and customer oriented Information Security (IS) section of the Information Technology (IT) department. The Information Security position will be an information security expert within the organization, helping ensure compliance with all security policies and standards, as well as with industry regulations and laws. This position will be involved in day-to-day security operations by responding to security events and managing security tools, recommending corrective action by working with customers, and providing security consulting and project support.

Responsibilities include:

Collaborates with the business area customers in the design process to translate security and business requirements into technical designs, and configure and validate the security of information systems. Develops and provides recommendations for information security solutions.

Conducts research and analysis on security topics and produces written reports for management.

Monitors, maintains, and analyzes network and computer activity to protect the organization and ensure the integrity of its information systems and data.

Provides customer service and technical support to local and national business areas in response to service requests and to troubleshoot and resolve information security related issues.

Responds to and manages disruptive and destructive information security incidents within the Bank.

Conducts vulnerability testing activities, monitors the follow up and resolution activity of identified issues.

Participates in and/or leads a variety of Bank projects and/or parts of larger more complex Bank and System projects and provides information security consulting.

Creates and maintains written documentation for processes and procedures within the information security section.

May identify and/or lead process improvements and make recommendations.

Evaluates compliance with the System's information security frameworks such as NIST and COBIT. Monitors and verifies IT compliance with applicable new and existing policies, procedures and standards.

Provides 24 X 7 on-call support on a rotating basis.

Qualifications:

Bachelor's degree or equivalent combination of education and experience; coursework in Computer Science or Computer Engineering is preferred.

Minimum of six years of experience monitoring, administering, evaluating, and maintaining automated security systems designed to protect assets across multiple computing systems. (Eight years of experience required for level III; Ten years of experience for level IV.)

Demonstrated experience collaborating with business areas in the design process to translate security and business requirements into technical designs; configuring and validating the security of systems; or developing and providing recommendations for information security solutions.

Proven strong problem-solving, troubleshooting, and analytical skills.

Proven strong oral, written and interpersonal communication skills; able to communicate technical issues both orally and in writing.

Demonstrated experience with information security concepts, practices, and technologies, such as: information security controls and policies, risk assessment, data classification, network security, intrusion detection, incident response, computer forensics, application security testing, and public key infrastructure.

Established Working knowledge of current technologies.

Preferred:

Familiarity with the ITIL Security Management framework and multiple technology products such as, but not limited to Symantec Endpoint Protection; Data collection tools such as Encase or Access Data, Active Directory; Microsoft Windows; Unix; Linux; Storage Area Networks (SAN); BMC Remedy; security information and event management (SIEM) software products; scripting; Intrusion Detection Systems; Vulnerability Management Systems such as the Open Web Application Security Project (OWASP); application security testing; endpoint management solutions.

CISM, CISSP, or GIAC certification.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Information Security Engineer

Nice Systems

Posted 1 week ago

VIEW JOBS 11/3/2018 12:00:00 AM 2019-02-01T00:00 The Senior Information Security Engineer will be part of NICE-Mattersight's Data Center and InfoSec organization, responsible for architectural design, planning, implementation, and hands on maintenance of enterprise operational defenses against security breaches and vulnerabilities. This individual is additionally responsible for maintaining and extending the existing suite of defenses, and the creation and maintenance of information security policies, standards, and procedures in concurrence with industry best practices. The Senior Information Security Engineer also participates as a member of the Mattersight Computer Incident Response Team (CIRT) to identify and resolve potential security incidents. The ideal candidate will be self-motivated with a proven track record in Information Security technologies and be comfortable in the dynamic atmosphere of a technical organization. ESSENTIAL DUTIES AND RESPONSIBILITIES * Participate as a member of the Information Security team in developing and maintaining the organization's security strategies. * Own the architecture and management of Information Security systems, which include, but are not limited to: Centralized Logging, Intrusion Detection and Prevention, Vulnerability Testing, Penetration Testing, Encryption and Key Management, and Physical Security. * Perform event/alert review and investigation from all collected systems and architectures, including but not limited to the following types: Windows and Unix operating systems, IDS, Web Applications, Anti-Virus, and File Integrity Monitoring. * Act as a consulting resource to development teams to ensure that security is being adequately addressed during application development and deployment. * Identify, create and maintain security-related documentation and tools. * Maintain ongoing knowledge of information security technologies. * Maintain and ensure confidentiality of company, client, and employee data. * Attend and participate in staff, project and vendor meetings. * Attend and participate in after hours and weekend maintenance as necessary. * Participate in Incident Response investigations as a member of the CIRT. REQUIRED EXPERIENCE AND ABILITIES * Minimum of 5 years experience in Information Security or a security-related field. * Experience with writing and maintaining tools in the powershell, bash, python, and ruby scripting languages. * Strong demonstrated understanding of systems integration, web-based applications, and cloud-based technologies and architectures. * Strong demonstrated knowledge of application testing methodologies and strategies. * Experience with application design and development from business requirements analysis through to day-to-day management. * Ability to work with development teams and individual developers to achieve desired results within defined parameters. * Experience with Windows Server, Linux/Unix and/or network device administration. * Demonstrated understanding of business requirements/drivers and the ability to integrate these into security initiatives and projects. * Knowledge of ISO 27001/2, PCI-DSS, HIPAA, GDPR, or other information security rules and regulations. * Knowledge of software development lifecycles and philosophies. * Exceptional analytical and problem-solving abilities. * Experience coordinating initiative efforts across geographically dispersed offices and project teams. * Excellent understanding of project management principles. * Highly responsible, motivated team player. * Ability to set and manage priorities judiciously. * Excellent communication and interpersonal skills. * Expert attention to detail. * Ability to produce clean, concise diagrams and documentation. NICE TO HAVES * CISSP Certification, or the willingness and ability to obtain within twelve months. * GCIH or similar industry-standard security incident handling certification or the willingness and ability to obtain within 6 months. * Demonstrated experience with Amazon Web Services (AWS), Kubernetes, and similar cloud technologies. * Experience working within the Agile framework and continuous delivery/continuous integration processes. * Experience with enterprise security incident response, forensic investigation, and analysis. WHO IS NICE-MATTERSIGHT Have you ever spoken with someone and felt as though you just clicked? The magical feeling you get is the result of a personality connection. NICE-Mattersight creates that feeling every day, in call centers and companies around the world, through a unique suite of enterprise software solutions. We have analyzed over a billion interactions for leading healthcare, travel and hospitality, financial, insurance, tech, telecom, utilities and other clients, and built more than 10 million (and counting) behavioral algorithms that leverage a world-renowned personality model. The resulting products help employees and customers have smoother, faster, more productive conversations with each other—in short, better chemistry. Nice Systems Minneapolis MN

Senior Information Security Specialist Ii/Iii/Iv

Expired Job

Federal Reserve Bank