Information Security - Mid. level Analyst AND Sr. level Engineer

  • Hayward, CA
  • Full-time

Company Description

Bayside Solutions is an industry-leading provider of staff augmentation and consulting services. Since 2001, we’ve built our company around a single concept – relationships. We focus on the people we serve. We’re straightforward, consistent and 100% accountable. We deliver more intelligent solutions that help our clients and candidates thrive.

Job Description

Information Security - Mid. level Analyst AND Sr. level Engineer


Location: Hayward 94545

Duration: 6mos. Contract to Hire

 

List required work experience/skills: • Excellent communication skills • Excellent documentation and publishing ability • Ability to compile and deliver persuasive reports at all levels within the organization • Experience gathering requirements from stakeholders • Ability to create cogent, visually compelling reports for senior management • Strong, concise communication skills with a brisk writing style; able to build a compelling and effective narrative • Ability to work with little supervision and consistently deliver results Working knowledge of security technologies such as DLP, SIEM, IDS/IPS, Web filters, two factor authentication, web application firewalls, Active Directory Group Policy • Familiarity with concepts surrounding Data Loss Prevention, including best practices and common policies and procedures • Familiarity with network technologies (switches, routers, firewalls, VPNs, remote connection technologies, and multiple domain environments) • Familiarity with tools like Qualys, Rapid7, Q1 Labs, McAfee Suites (Host & Network), FireEye, BlueCoat, Juniper, Palo Alto Networks, MDM solutions are a plus • Experience with systems analysis including, but not limited to: • Gathering requirements from stakeholders • Constructing RFP/RFQs • Devising and planning proof-of-concepts • Defining use and test cases • Technical understanding of vulnerabilities and how attackers can exploit vulnerabilities to compromise systems • Knowledge of vulnerability sources such as SANS, US-CERT, commercial vendors (Symantec, SecureWorks, McAfee, IBM, etc.) • Knowledge of public intelligence sources such as ICS-CERT, FBI Infragard, HSIN • Knowledge of paid intelligence sources such as Verizon iDefense, RiskIQ, Critical Intelligence, Cybertrust • Solid analytical and problem solving skills; ability to think strategically and turn ideas into actions. • Able to work independently, yet seamlessly integrate activities with other teams when needed. • Able to lift 50 lbs. and see color coded events

 

List required education/degrees: • Minimum of 5 years of security experience • Experience with publishing and communication techniques • CISSP, CISM, CISA, Security+ or other recognized information security certifications or accreditations are a plus • Previous experience in the financial industry is preferred but not required

 

List duties of position: • Perform security research • Produce security risk advisories based on newly identified threats and risk assessment • Security compliance monitoring • Intrusion detection alert evaluation and response • Security event management response and reporting • Security data and alert analysis • Produce security risk advisories based on newly identified threats and risk assessment • Keep track of security projects • Perform security communications (Employee development, training, new hire material) • Create and distribute security awareness materials (Posters, handouts, presentations) • Develop and document security policies, procedures, and guidelines • Publish security information to employees • Develop and publish security communications • Create and distribute security awareness materials • Administer and maintain security website • Evaluate and monitor compliance with relevant bank and business regulations such as SOX, GLBA, FFIEC, etc, using gap analysis and remediation planning • Monitor and report on enforcement and compliance with company policies and standards • Maintain and support relationships with internal and external auditors • Develop and document security policies and guidelines • Implement and maintain a security awareness and training program • Publish security information to employees • Develop and publish security communications (Employee development, training, new hire material, etc) • Create and distribute security awareness materials (Posters, handouts, presentations, etc) • Administer and maintain security website

Additional Information