POSITION PURPOSE : The Sr. Security Specialist is responsible for managing internal and external customer operational information security services. This can include threat, vulnerability and patch management, change management requests, incident management, security reporting, security solutions, compliance management, reporting and security awareness. Designing, developing or recommending security systems solutions that will ensure proprietary/confidential data and systems are protected. Participates with the client in the strategic design process to translate security and business requirement into processes and systems. ESSENTIAL DUTIES AND RESPONSIBILITIES: • Understand contractual requirements with assigned customers • Deliver customer security solutions • Understand, communicate and administer established IT security policy • Assist solution design teams on technical specific security requirements • Contribute on a proactive basis to trend analysis and policy development • Review and approve change management and new customer requests from a security and risk management perspective • Second Level support for security related end user problems • Perform security trend and technology related research as necessary • Implement vulnerability, detection and protection security systems OTHER DUTIES AND RESPONSIBILITIES : • Implement security audit gaps results into the build and implementation project phase • Define and realize plans concerning technical content and innovation in such way that will contribute adequately to the realization of Security Management goals • Assist in internal and external security audits • Review and when needed improve the Security Management process QUALIFICATIONS : • Relevant security certifications are desirable but not mandatory, such as CISSP, CISM or CISA. • Bachelor's Degree with a focus in Information Systems / Computer Science / Information Security or higher. • Minimum 5 years of working experience in systems engineering on a specific OS (AIX, Linux or Microsoft Windows) or storage infrastructure, 3 years in Information Security experience with a focus of Security Management • Strong understanding for various IT security standards and practical experience implementing it within the IT framework of an organization • Strong understanding and practical experience of multiple compliance framework like ISO 27001, SAS70, COBIT, ITIL, SOX or PCI. • Excellent knowledge in access management/controls and have working experience in implementing it by applying a model and/or using a tool or system • Competent in security strategies and technologies including operating systems security, secure network, web and database services, penetration testing, access control, system monitoring and cryptography. • Experienced at implementing or managing risk management/methodology, processes and tools. • Ability to evaluate enterprise-wide impacts and make recommendations to approach issues and mitigate potential risks to an acceptable level • Experienced with solving complex technical security issues through design of security controls within a development lifecycle, provide recommendations to operational processes in service delivery, etc. • Experienced in handling challenging security incidents and participation in audit demands, communicate with internal & external customers management • Excellent interpersonal, verbal and written communication skills • Excellent analytical thinking and stakeholder engagement skills • Strong organizational and planning skills EDUCATION : • Completion of a Bachelor’s degree with course work in computer science, or equivalent work experience. Contact : Vikas Naik Phone: 510-984-2282 E-mail: vikas@finezi.com Finezi Inc. | www.finezi.com | Yahoo IM : vikasnaik_87 Linked IN : http://www.linkedin.com/pub/vikas-naik/30/134/a12