Search Jobs

Hold CTRL to choose multiple sectors (up to 3)


Hold CTRL to choose multiple sectors (up to 3)

Security Architecture Assessment Analyst job in

Vacancy has expired

  • Show me jobs like this one
  • More jobs from this recruiter
  • Email this job to a friend
  • Print this job
Job Ref:  2016-172814
Employer:  Keane Group
29/09/2016 21:03
Overview: At NTT DATA, we know that with the right people on board, anything is possible. The quality, integrity, and commitment of our employees have been key factors in our company's growth and market presence. By hiring the best people and helping them grow both professionally and personally, we ensure a bright future for NTT DATA and for the people who work here.

A group company within NTT DATA currently seeks a Security Architecture Assessment Analyst to join our team in Halifax, NS.

Position Functions or Responsibilities: As part of a group of security architecture assessment team, you will handle security architecture assessments on IT systems and applications for Vendors. NTT Data is looking for a Security Architect assessment analyst to review technology and architecture involving vendors. This role requires experience in application and/or infrastructure security, technology risk management in a highly regulated environment. The consultant will use the defined assessment guidelines for Infrastructure and Platform as a Service threat-analyses.

The assessment team is responsible for ensuring that systems deployed in the production environment meet all Security architecture guidelines and standards, and that appropriate remediation plans are put into effect for any systems not meeting these standards.

Our client onboard large vendor services and thus require performing a detailed assessment of technology setup, technical architecture, possible insider/external security threat for information loss. The security assessment analyst will handle delivering the assessment in a short period while our client is finalizing the contract with the vendor. This is a high visibility role.

You should have the real strong experience to work in a multiple vendor service environment such as cloud services, data center, remote apps support, managed services delivery, ODC set up, offshore location setup, etc. Your experience includes responsibility for managing/assessing the vendor environment set up and evaluate risk to the client's environment.

The role demands strong consulting communication skill to work with technology stakeholders, senior executives, business, and external vendors. You must have strong architecture experience to perform the assessment for the complete system/solution involving end-to-end technologies and processes. You must possess technical security knowledge to protect the technology solution and set up from internal and external threats.

Duties and Responsibilities (day to day)
- Contact system owners for assigned systems to gather relevant background material about the system/application and to set up interviews for information gathering.
- Conduct remote/in-person interviews with system owners to get all of the required information for assessment and to identify any gaps.
- Review system related material, including specifications, diagrams, requirements, test plans to identify security related standards are followed.
- Write up case notes in a standard format and identify gaps versus requirements and recommended actions to remediate.
- Review results with system owners and senior security architecture analysts, as needed.
- Use creative approaches to identify vulnerabilities that are commonly missed in security assessments.
- Create comprehensive security architecture assessment reports that clearly identify root-cause and remediation strategies.
- Act as technical lead on assessment tasks; Ensure the assigned case is assessed as scoped, that attacks are taken to their fullest potential and that creative, complex and blended attacks are used to further add value to engagements.
- Develops and establishes global security standards and processes.
- Evaluates new and emerging products, technologies and make recommendations concerning the introduction of new technologies.

Basic Qualifications: - 2 years experience with security architecture analysis as well as secure software system design and architecture including common development platforms and hardware/languages
- Software architecture and development: the ideal candidate shall have experience in design and implementing enterprise applications.
- Comprehensive web application security expertise.
- Strong understanding of general Information Security principles and solutions including design principles, data flow, connectivity and configuration.
- Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]) as well as encryption.
- Working knowledge of standard knowledge-Office applications (Windows, Office Professional, Visio, etc.) and specialized project/program management software (MS Project, etc.)
- Experience in security testing is a plus.
- Knowledge of the iOS or/and Android platform and their security model is a plus.
- Knowledge of cloud security architecture is a plus.
- Programming languages: the ideal candidate will have experience with practical programming languages such as Java, JavaScript or .net.
- Knowledge of the Security Assessment and Authorization (SA&A) process (required)
- Knowledge of primary control frameworks such as: ISO, CObIT, SOX, PCI, etc. (required)
- Financial Services industry knowledge (desired)
- ITIL Knowledge/Certification - (desired )
- Preferred: CISSP, GIAC, SSCP or, CEH, CSSLP.
- Frameworks, protocols and subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries, JMS, RMI, JMX, Hibernate, Applet.
- N-Tier application design and implementation, particularly web-based applications that cross company boundaries.
- Knowledge of JSP /Servlet/EJB or NA, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.
- Database design and programming experience (desired)
- Experience of liaising with external penetration testing vendors
- Experience in conducting penetration tests, dynamic vulnerability assessments and static vulnerability assessments
- Experience in delivering a developer training for software security (desired)
- Knowledge of cryptographic techniques/technologies

This is a full-time salaried position with a group company within NTT DATA. Please note, contractors will NOT be considered. This position is only available to those interested in direct staff employment opportunities. We offer a full comprehensive benefits package that starts from your first day of employment.

NTT DATA is your Innovation Partner anywhere around the world. With business operations in more than 35 countries, we put emphasis on long-term commitment and combine global reach and local intimacy to provide premier professional services from consulting, system development, business process and IT outsourcing to cloud-based solutions.

Visit NA to learn how our consultants, projects, managed services, and outsourcing engagements deliver value for a range of businesses and government agencies.

Options: Apply for this job online Apply
Refer this job to a friend Refer

Share on your newsfeed
Copyright © Rengineeringjobs.com Job Board 2011  | Powered by JobMount Job Board Software