Mid-Level IA Security Specialist

The team member supports information assurance management, risk and vulnerabilities assessments within enterprise systems and databases.  The team member researches remediation of these findings and develops compliance plans.  The team member determines the impact of executing the IA remediation solutions provided by IRM, and provides methodology and recommendations.

The team member will analyze C&A findings and develops remediation plans. The team member will utilize DOS’ iPost application to monitor and push-out security patches to the HR IT enterprise infrastructure.

Team member must be able to work till 7 p.m. Monday through Friday and support release nights (Fridays - 7p.m. -12 p.m.) as needed.

List of project(s) or duties currently being worked by the individual:

• iPost monitoring and remediation coordination (database and systems)


• Development lifecycle support (migrations and support)


• Mentor team members and daily tasks/tickets


• VMWare


• Active Directory


• Symantec EndPoint Manager

Specific role of the individual in the project (i.e., lead, developer, production control, etc.) and % of time dedicated to project(s).  Be as specific as possible:

• Lead Security SME and iPost Administrator (100%)

Size of team working the project(s)

• System Security and iPost (1-2)

Required:  

• Strong knowledge of Information Assurance Management best practices


• Strong knowledge of Security Patch management


• Strong knowledge of systems and database security  best practices


• Experience with Microsoft Windows server operating system 2008


• Experience with PeopleSoft 9.1 administration tasks including installation and configuration


• Experience with Oracle Database 11g administration tasks including installation and configuration


• Experience with SQL Server 2005/2008 administration


• Experience with Linux and/or similar Unix-based servers


• Bachelor degree in computer management, information security or equivalent job experience

Skills Preferred:

• Familiarity with guidelines to support the implementation of and compliance with the FISMA


• Familiarity with the  DOS’ iPost application


• Experience with NetIQ monitoring tool

Experience: 4+ years enterprise level Information Assurance Management and security vulnerability experience,        4+ years enterprise level security scanning and reporting tool experience, 4+ years Microsoft Windows 2003 or above administration and server maintenance, 2+ years PeopleSoft Server database administration, 2+ years Oracle server administration, 2+ years SQL server administration, 2+  Unix/Linux server administration

 Certification: Advanced training or professional security certifications (e.g.  CISSP, CISA, CISM  or Security+)