Candidate will have 5+ years IT experience performing security assessments of both internally developed and hosted systems, as well as third party vendor hosted and supported systems. The security analyst will provide infrastructure and security related scorecards and status reports to senior management. The position will also be responsible for various infrastructure and security related compliance issues, including desktop and server settings and patch management.
Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired. Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and desktop, server, application, database, network security principles for risk identification and analysis. analytical and problem solving skills. Excellent communication (oral, written, presentation), interpersonal and consultative skills.