FEATURED JOBS
- Consultant Regional Risk & Compliance(Retail)(PP)
Absa Bank
Africa / Middle East, Africa, South Africa
- NABConnect Team Member - eChannel Servicing Technical Support Specialist
National Australia Bank
Oceania, Australia
- Director, Compliance Review and Mediation Unit (CRMU)
African Development Bank
Africa / Middle East, Africa, Tunisia
Popular Searches
RESOURCES
Lead Threat Management Analyst Job Details
<< Back
Vacancy has expired
Show me jobs like this one
| Lead Threat Management Analyst (Ref: 97462) | |
| Sector, Sub Sector: | Other |
| Compliance Type: | Regulatory/Compliance |
| Expertise: | - |
| Company: | Fifth Third Bank |
| Location: | Charlotte , North Carolina Americas, United States |
| Employment Type: | Permanent |
| Job Description: |
GENERAL FUNCTION: · As a member or the Information Security discipline, assists in the evaluation and development of systems security across the enterprise. Areas of concentration include firewall policy auditing and oversight, intrusion detection and prevention network based and web application based vulnerability scanning, malware management, virtualization, and network routing switching. Requires technical expertise in systems administration and security tools, combined with the knowledge of security practices and procedures. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. · Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for systems security related issues. Educates users on systems security standards and procedures. Must have broad technical knowledge of firewalls technologies, IDS IPS and server operating systems (e.g., UNIX, LINUX, WINDOWS). Must be able to educate consumers on network and application security best practices. · Position requires scheduling flexibility to address work assignments, which includes regular scheduled on-call, unscheduled on-call support in the event of system problems, and may involve evening and early morning and weekends for planned activities. DUTIES AND RESPONSIBILITIES: · Serves as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry recognized security technologies and concepts; actively engages and assists lines of business to understand their needs and develop secure business solutions. · Remains knowledgeable of changes in security technology, industry practices, and state and federal regulatory requirements; provides technical assistance to IT staff in the detection and resolution of security problems. · Monitors security advisory groups to ensure security updates, patches and preventive measures are in place. · Monitors, analyzes, and interprets system logs for events and incidents reflective of unauthorized access or operational irregularities and escalates for action as appropriate. · Participates in risk assessment activities and assists in analyzing the output of audits to produce recommendations of acceptable risk. · Promotes activities to foster information security awareness throughout the organization. · Ensures compliance with policies and procedures for change management. · Creates policies, procedures, standards, and guidelines used to secure assets against unauthorized or accidental modification, destruction, or disclosure. · Responds to incidents to prevent additional loss and to obtain and preserve forensic evidence. · Administers security related processes and tools; screens and verifies updates are made to required systems. · Research, evaluate and recommend information security related applications, hardware, and software. · Coordinates efforts to assure compliance with security patch application and virus protection policies. · Acts as a liaison to product groups and assists them in the implementation of security technologies and applications security. · Advanced professional level role. · Develops security solutions for medium to highly complex assignments. · Works on multiple projects as a team lead. Assists and cross trains fellow team members · Performs other duties as assigned. SUPERVISORY RESPONSIBILITIES: None Experience KNOWLEDGE & SKILLS REQUIRED: · Bachelor’s Degree in Computer Science, Information Systems, or other related field. · 4 to 6 years of combined IT and security work experience. · Preferred CISSP, GIAC, or CISM certification. · Knowledge of information security frameworks and governance standards; ISO/IEC 17799:2005 and 27000. · Knowledge of audit frameworks such as COSO and COBIT. · Knowledge of regulatory compliance standards. (PCI, GLBA, HIPAA, SOX, and SAS70). · Understands LAN, WAN, and wireless communication concepts. · Expert knowledge of various Firewall technologies · Working knowledge of UNIX and Windows operating systems. · Expert knowledge of various IDS, IPS technologies · Working Knowledge of LAN, WAN, and routing communication |
| Job Ref No: | 97462 |
