Security Architecture

Skills
Strong telecommunications and wireless industry knowledge.
Strong platform knowledge (HP NSK (Tandem), UNIX, NT/XP/Vista, Network elements, Mainframes, Radius, Firewalls, Proxy Servers, Email Servers)
Expert knowledge of Intrusion Detection Services
Expert knowledge of penetration testing, vulnerability scanning, perimeter testing, etc.
Strong written and oral communication skills
Strong analytical skills
Working knowledge of Project Management discipline and process
Certification as a CISSP, CISA and/or CFE, or GIAC certification(s) (desired)
Organization, leadership and facilitation skills
Strong influence skills
Expert-level troubleshooting skills
Expert Knowledge of Security Policies/Practices
Extensive Security Application knowledge
Strong and current industry knowledge
Database knowledge (Access, Oracle, MySQL)
Skilled in the use of data capture and analysis tools
Strong programming and Scripting skills
Advanced communication protocol knowledge (TCP/IP, UDP, SS7)
Advanced browser, browser security, online commerce knowledge
Expert in computer forensics
Expert in Incident Handling & Response
Expert level of awareness of current attack vectors.

Technology experience with the following:
Firewall and Router configuration, Switches, secure network architecture, VPNs, PKI, Portals, Cisco, PERL, C++, XML, HTML, ISS, SNORT, Sniffer technologies, Windows 2000/NT, Solaris, AIX, HPUX, Red Hat Linux, Checkpoint, IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Radius, F5, Nessus, security tools and facilities.

Principal Duties and Responsibilities:
Identify Needs, Develop, and Maintain Critical Security Controls
Maintain all critical security controls (Proxy Servers, Firewalls, Intrusion Detection Systems, Jump boxes, Monitoring and logging systems, Surveillance systems)
Identify gaps and recommend new control measures to address those gaps
Research and recommend updates to existing measures to ensure currency is maintained to match current threat vectors

Lead Security Engineering Efforts 
Provide technical leadership to all Security Engineers.
Direct problem root cause identification, solution identification and design, and process improvements. 
Ensure all impact assessments are made, with all corporate change request processes being completed in a fully compliant manner. 
Ensure all infrastructure updates are made in a timely, accurate manner such that interruptions to production, test and headquarters environments do not occur.

Develop, Update and Maintain Security Engineering Documentation 
Oversee gathering and organization of data. 
Review design and development of the documentation. 
Perform reviews and edits. 
Oversee publishing and distribution of documentation 

Manage Individual Projects 
Perform needs assessment and direct requirements gathering. 
Develop the project plan and identify resource requirements. 
Schedule work activities and implement the plan. 
Control and monitor the plan activities to ensure plan is on track. 
Test and validate the completed plan to ensure initial requirements have been met.

Resolve Customer Security Issues 
Receive and analyze customer request(s) 
Develop and provide a solution or alternatives to customer. 
Acquire customer concurrence and approval of the solution/alternative. 
Lead in implementing the solution

Lead and Direct Proactive Risk Assessments, Security Reviews and Consulting 
Receive and analyze requests. 
Perform review/investigation/interview and provide findings and/or recommendations for mitigation or remediation of risks. 
Receive customer's and/or management concurrence and approval of the solution/recommendation. 
Lead in the implementation of the recommendation/solution, if required.

Conduct Security Investigations 
At direction of Manager - Corporate Security, initiate confidential investigations
Gather pertinent data and evidence.
Interact with Legal, HR and law enforcement agencies, when required.
Prepare final reports for management. 
Where required, act as expert witness in legal proceedings.