LOL Job Requirements

Started by deanwebb, January 05, 2015, 01:09:40 PM

Previous topic - Next topic

deanwebb

Just got contacted for a role with the longest list of requirements I've seen in a good long while:

THE DETAILS
• Responsible for implementation and operation of key security technologies like
o Single Sign On
o Privilege Identity Management
o Vulnerability Management
o Disk Encryption
o Firewall Auditing
o Network Access Control
• Create and maintain team standards and strategy for special projects involving Perimeter Defense, including Firewalls, Intrusion Detection/Prevention and Incident Response
• Work within the administration of the Computer Security Incident Response Team's infrastructure, including Intrusion Detection/Prevention systems and Malware Analysis platform, performing upgrades when necessary, monitoring system performance and system(s) capacity
• Establish key business operations relationships, providing an avenue to assess and recommend operational changes and enhancements
• Ensure that system improvements are successfully implemented and monitored to increase efficiency
• Partner with the IT and business operations areas and with both internal and external parties to resolve technical security issues
• Create testing procedures, requirements, documents and evaluation methods using Microsoft Office applications including Word, Excel, PowerPoint and Visio Access
• Communicate with both technical and non-technical users to determine individual requirements
Other duties include:
• Provide technical security support to other IT and business groups
• Provide architectural design, implementation, and operational support
• Implement new technologies as required to support the ever changing security landscape
• Work closely with the Internal Audit and the Security and Compliance departments to insure a unified architecture and communication with the field.
• Help develop, operate, and maintain security guidelines and procedures including incident response support and monitoring and enforcing security controls.
• Ensure the ongoing integration of information security with business strategies and privacy requirements
EDUCATION/CREDENTIALS
• Bachelor's Degree in computer science or relate field, and
• One or more of the following certifications: CISSP, CISA, CISM, CCNA, CCNP,CCIE, CWNA, CWNP, and CWNE- Good to have

General Requirements:
• 5+ years of total Information Security experience, in a highly, technical hands on environment required
• Proven ability to communicate effectively to executive management required
• Knowledge of NIST 800-53, COBIT, ISO 27001/02 etc
• Understanding of current Data Privacy and HIPAA-HITECH regulations
• Familiarity with HITRUST Common Security Framework preferred
• Flexible, creative and able to function well in a team environment
• Strong analytical skills
• Ability to explain difficult technical matters in a manner understood by non-technical contacts
• An understanding of confidentiality and working in a procedure-oriented environment
• Good organizational skills
• Must be able to work effectively in high stress situations
• Strong oral and written skills
• Must be open minded and willing to learn
• Must be dedicated
• Must be able to multitask
• Must be able to demonstrate expertise in problem solving and conflict resolution
• Excellent communication (both written and verbal)
• Organizational and analytical skills
• Possess the ability to interact professionally with Senior Leadership
• Excellent leadership skills and the ability to unify and empower multiple groups to achieving the same goal
• Ability to interact with technical staff across multiple systems and disciplines-High degree of self-sufficiency, ownership, and pride of deliverables
Technical Requirements:
• Broad knowledge of internet technology and protocols
• Broad knowledge of network infrastructure design and implementation
• Knowledge of Linux and Unix systems (SUSE and Mainframe)
• Thorough knowledge of all Windows based systems
• Thorough knowledge of network infrastructure equipment (Router, switches, DNS, Proxy, Mail, etc.)
• Thorough knowledge of Internet applications (SMTP, HTTP(s), FTP, telnet, SSH, etc.)
• Thorough knowledge of Security threats and countermeasures
• Thorough knowledge of risk assessment and practical implementations
• Thorough knowledge of Intrusion Prevention Systems (IPS - Host and Network)
• Thorough knowledge of Intrusion Detection Systems (IDS - Network)
• Thorough knowledge of Log analysis (Diverse systems)
• Must be proficient and maintain Subject Matter Expertise in multiple technical disciplines
• Must have and maintain a thorough knowledge of security vulnerabilities and or weaknesses
• Thorough knowledge and understanding of malware
• Experience with C, Perl, Java, shell, and various scripting languages and tools
• Expertise in Incident Analysis
• Thorough knowledge in Understanding and Identifying Intruder techniques
• Thorough understanding of the requirements for Chain of Custody and the maintenance of Incident Records

:matrix:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

hizzo3

So.... They want an entire IT department in one person? I bet its for a stellar $35k/yr too. Lol
Only thing missing is desktop support.

SimonV

Quote from: deanwebb on January 05, 2015, 01:09:40 PM
• One or more of the following certifications: CISSP, CISA, CISM, CCNA, CCNP,CCIE, CWNA, CWNP, and CWNE- Good to have

Yes, I have a CCNA. I even have two

:awesome:

NetworkGroover

Usually a laundry list of everything they want. I feel it never hurts to apply if you want the job and get told no.  Usually they budge if they like you.
Engineer by day, DJ by night, family first always

dlots

Shouldn't have any issues finding that :-)