Security & Privacy Services – Security Management

Senior Consultant – 4 to 9 yrs

Manager -  9 to 15 yrs

Required Skills:

Experience in specific industry verticals is preferred, and a thorough understanding of the IT specific requirements within those verticals.

Engagement experience with security management products such as Archer, CA product suite, ArcSight, Symantec ESM suite, etc. is preferred.

Knowledge of COBIT or COSO framework.

Able to assess, develop and implement information security programs including organizational design and key process/procedures.

Analysis, development and implementation of security policies, standards and guidelines (IT governance frameworks).

Able to develop and implement security awareness programs.

Able to develop information security strategies and plans based on generally accepted security standards like ISO17799, BS7799, ITIL, NIST, SANS, JIS X 5080

Demonstrates mastery of large number of security frameworks and approaches.

Implementation of various Threat/Vulnerability/Risk models

Implementation of various Information/Data Classification schemes/models

Internal controls design experience with a focus on technical security controls

Planning and implementing technical security controls.

Functional and non-functional security requirements definition and documentation experience

Technical specifications:

Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects

Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services

Understand clients' business environment and basic risk management approaches

Demonstrate a general knowledge of market trends, competitor activities

 
Project Management :

Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions

Play substantive/lead role and engagement planning, economics, and billing

Generate innovative ideas and challenge the status quo

Participate in proposal development efforts

Participate in "add-on" sales to client

Membership and visibility in professional & civic organizations

Identify opportunities to cross-sell other services

Build and nurture positive working relationships with clients with the intention to exceed client expectations


People Management :
Managing teams and their deliverables
Assist in retention of professionals
Participate in training efforts

-------------
Security & Privacy Services – Vulnerability Management

Senior Consultant – 4 to 9 yrs

Manager -  9 to 15 yrs


Required Skills:
· Experience in information security & controls
· Should have played a lead role in a client engagements (Global exposure)
· Exposure to methodologies such as OWASP preferred
· Information Security Audit
· Penetration Testing-Network, Host, Applications (Ethical Hacking)
· Vulnerability Assessments-Network, Host, Applications
· Security in SDLC (Application Security)
· Secure code review - .NET & J2EE technologies
· Enterprise IDS Implementation and Testing
· Operating System and Application Hardening
· Incident Response Training
· Information Security Education
· System security and controls including:
· Firewall design and implementation (NOT Administration)
· Encryption technology design and Implementation
· Network configuration and administration
· Security auditing techniques


Key Job Responsibilities

 

Technical:

Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards

Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement

Demonstrate Infrastructure Security design and implementation skills on Client IT environment like experience of SIEM (Security incident event Management), Encryption technology solution design and implementation

Understand Threat and Vulnerability Management at enterprise level, facilitate use of technology-based tools or methodologies to review, design and/or implement products and services

Understand complex business and information technology management processes


People:
Execute advanced services and supervise staff in delivering basic services

 

Delivery:
Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects

Understand clients' business environment and basic risk management approaches

Demonstrate a general knowledge of market trends, competitor activities,

QA deliverables from the team and be the single point of contact for all

Project delivery with the client.

Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions

Generate innovative ideas and challenge the status quo

Build and nurture positive working relationships with clients with the intention to exceed client expectations

Identify opportunities to improve engagement profitability

Participate in and actively support mentoring relationships within practice

Excellent potential for 1) playing lead role in designated tasks of the project team in gathering, organizing and analyzing data; 2) making major contributions in assuring products/deliverables meet contract/work plan and; 3) strong potential for growth and acceptance of additional responsibilities

Please send your resume to mvreddy@mutagengroup.com

Thanks & Regards,
Venkat Reddy

http://www.linkedin.com/in/venkatreddy