Senior Information Security Specialist New York, NY We are looking for seasoned hands-on Security Specialist with a good blend of Security and Applications experience who has expertise in Information security administration, application development specifically related to security requirements, and infrastructure security. Duties and Responsibilities Security architecture, administration, and support for ongoing IT and Digital/Web initiatives. Responsible for providing protection to the information technology (IT) systems. Security risk assessment and recommended remediation for infrastructure and applications. Develop and facilitate deployment of and provide subject material expertise information security. governance documents: policies, frameworks, programs, procedures, and audits. Define, develop, and implement security models around IRM and DLP initiatives. Proactive monitoring security threats and vulnerabilities to identify and prevent potential intrusions. Plan and execute security projects. This may include managing joint development with 3rd party vendors, and providing guidance (with other departments) to the engineering and QA teams. Ensure, and deploy as needed, security solutions, best practices, etc. Compliance reviews, evaluating internal controls for the business and applications. Perform information security compliance assessments, review control alignment with applicable regulatory laws and governing documents. Skills required: Five years+ of experience as a Security Specialist (including business, application, and infrastructure security) Thorough understanding of related security aspects for N-tier application architecture and web based applications Thorough conceptual understanding of authentication, authorization, data confidentiality, non-repudiation, integrity, and audit logging Programming skills (in any language), Scripting (shell, PowerShell, VBscript) Good understanding of OWASP and PCI Deep understanding of security policy best practices. Should have experience in developing security governance documents for an enterprise and of PKI and certificate management. Thorough understanding of network security including TCP/IP, DNS, DMZ, Firewalls, Web Application Firewalls best practice design and deployment Knowledge and experience addressing security challenges in virtualized, cloud, mobile environments One of Major InfoSec Certifications (CISSP, CISM, SANS) and credentials is a must Documenting skills, ability to use efficiently MS Office applications (Word, Excel, Outlook, Visio). Network and application firewalls (web app firewalls, XML firewalls, database firewalls) Security event management and architecture of SIEM products Security specifics in applications development and custom codes Interested candidates please forward a copy of your resume to ericmarcus@technisource.com