Technical Security Analyst  

IF YOU FEEL YOU ARE A GOOD FIT FOR THIS POSITION PLEASE CALL US AT 612-332-8700.  NO THIRD PARTY CALLS WILL BE ACCEPTED.

THIS IS A FULL-TIME,  PERMANENT OPPORTUNITY.  NO H1Bs.  SALARY WILL BE BETWEEN $72,000 AND $80,000.

Technical Security Analyst

• Performs policy compliance monitoring and vulnerability assessment checks on a daily basis
  


• Monitors system logs for events of interest and manages log management system.
  


• Performs vulnerability assessments on production systems and preproduction testing to ensure systems are configured to an approved secure baseline configuration.
  


• Participates in computer incident response teams.
  


• Manages privileged system accounts to include password escrow and rotation and ensure that proper segregation of duties is maintained or mitigated.
  


• Analyzes, audits, and coordinates Information Systems activities in order to reduce and manage risk to computer-stored information.
  


• Assists in developing and communicating security procedures to users.
  


• Implements and maintains an Information Security Awareness Program.
  


• Completes security assessments as they relate to Information Systems.
  


• Identifies potential threats and responds to security violations.
  


• Determines causes of security violations and recommends corrective actions to ensure data security.
  


• Perform other projects or miscellaneous duties as requested or assigned.
  
  

Requirements:

• Education: BA or BS plus 4-5 years of experience in Information Security and general exposure to a wide range of technologies: Internet, application development, network infrastructure, and business process.
  


• Certification(s): Current CISSP, CISA or CISM certification required.
  

• Hands-on experience in the development of PCI-DSS related security policies, standards, guidelines and procedures


• A minimum of 2 years of PCI-DSS compliance experience with Level 1 or 2 merchants


• A minimum of 2 years experience in information security


• Working knowledge of the following:


• Microsoft Windows server and desktop platforms


• Active Directory


• Web/Internet: JSP, ASP


• Intrusion detection, firewalls


• Network components including TCP/IP, routers, switches, etc.


• In-motion and at-rest data encryption

• Technical writing skills and sufficient IT technical knowledge to document solutions


• Experience within retail/retail distribution industry required


• An in-depth understanding of the PCI-DSS Requirements and Security Assessment Procedures, Version 1.2 dated October, 2008


• Knowledge of PCI 1.2 and ISO Information Security best practices


• Familiarity with: Sun Solaris, Microsoft SQL Server and Oracle DBMS, Application development: Java and .NET, Lawson ERP.