IT Security Analyst, PCI-DSS

This is a CONTRACT engagement (C2C, W2) The project is scheduled to start April 1 and run for through September 30, 2015. RALEIGH/DURHAM AREA CANDIDATES ONLY PLEASE.JOB DESCRIPTION: The contractor will help implement and monitor PCI environments using those best industry practices, IDS/IPS, SIEM, employee awareness training tools, anti-virus, utilization of network packet analyzers and related technologies in support of assessing and maintaining PCI-DSS compliance.The position is responsible for assisting information security analysts and applicationthis includes investigating and recommending appropriate corrective actions.
- Conducting internal vulnerability assessments and scheduling of third party external scans.
- Management and verification of user PCI security awareness & training.
- Hands-on implementation of security devices and applications to monitor and review network, Servers, and applications.

KNOWLEDGE, SKILLS, AND ABILITIES REQUIREMENTS:

- The candidate must be a skilled information security professional with advanced knowledge and direct experience developing and implementing information security policies, standards and procedures for large organizations. Three+ years of progressive experience in computing and information security, including specific experience with Internet technologies and related security issues is required.
- The candidate must have 2 years experience supporting & implementing security for a large organization assessed against PCI-DSS 2.0, and advanced familiarity with PCI-DSS 3.0. That organizational experience must be PCI-DSS Level 1 or Level 2.
- Knowledge of regulatory compliance including but not limited to: OWASP, ISO 27001 and NIST
- Two+ years experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, Security Information and Event Management (SIEM), Network Behavior Analysis tools, Antivirus, Network Packet Analyzers and malware analysis.
- Experience implementing and executing security incident response.
- BA or BS in Computer Science, Management Information Systems, or equivalent experience.
- Must have excellent communication skills (written and verbal) and have the ability to communicate with all levels of staff and management.

Preferred:

- Previous or current PCI QSA or ISA certification.
- CISSP, GIAC, CEH, Security+ and related security certifications.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin or disability.

Experience:
2+ years supporting/leading, a Level 1 or Level 2 orgs PCI-DSS 2.0 compliance effort, working with ISA or QSA. Deep understanding of PCI-DSS 3.0 requirements. PCI QSA or ISA cert preferred.