|Date Posted||January 9, 2019|
The Information Security Project Consultant (SPC) is responsible for providing security guidance to project teams responsible for delivering business solutions. The InfoSec Consultant will provide security guidance, identify and prioritize security-related requirements, promote secure-by-default designs and facilitate delivery of information security services.
The Security Project Consultant is measured on their ability to efficiently analyze system architectures to develop appropriate requirements which enforce TFS policies and standards. Their ability to manage multiple simultaneous fast-paced projects is critical. They will also be expected to perform risk assessments of information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams and management. Excellent communication and interpersonal skills are essential and will be measured critically in all performance measurements. Experience reviewing vendor contracts and ensuring contracts meet the TFS information Security requirements is a plus. The InfoSec Consultant will be expected to work on multiple projects and tasks concurrently.
· Minimum 5 years previous experience as a Security Analyst, Security Architect or equivalent.
· Experience as an information Security consultant/Architect in Banking and Financial services.
· Familiarity with standard network security technology solutions: e.g. firewall, router, VPN, IDS
· Additional familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, vulnerability management, anti-virus, single sign on, auditing, encryption
· Understanding of FFIEC, GLBA and SOX and their applicability to technologies and applications.
· Excellent organization skills
· Excellent written and verbal communication skills
· CISSP certification
· Needs to be Senior level and able to manage projects on their own with strong knowledge of Security and Technology Architecture
· High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity
Must Haves: Good interpersonal skills, Self-Starter, CISSP or other security certifications, Personal integrity, Prior experience (at least 5 years) with security tools and technologies.
Preferred/ Nice-to-haves: Experience in financial services