Previous Job
Previous
Sr. Consultant 1-Sr. PCI Auditor
Ref No.: 18-08281
Location: Trenton, New Jersey
Position Type:Contract
Experience Level: 8 Years
Start Date: 08/06/2018
The Security Engineer is responsible for planning and maintaining enterprise-wide information security framework and architecture. The consultant will ensure that the design/implementation of all business solutions meet security requirements.

Summary
The consultant will ensure that the design/implementation of all business solutions meet security requirements. The consultant must have experience in Network Security design and IT security engineering and architecture. This includes hands-on experience designing and deploying security solutions, a strong experience in network security design, architecture and implementation.

Must have Domain expertise in 3 or more of the following areas: network security, network architecture and routing, Windows platform security, UNIX/Linux platform security, encryption, threat management, application security, database management/security, data governance, entitlements management, identity and access management, data loss prevention, PKI, authentication technologies.
The consultant must have the experience and ability to perform systems security or vulnerability analysis and design. They also must have:

- Experience and understanding in routing protocols; of Network Layer concepts and technologies, packet- level understanding of basic TCP/IP protocols, and of VPN technologies to include GRE and IPsec.
- Detailed understanding and configuration experience of routing firewall and load balancing technical capabilities.

- Through knowledge of IPS/IDS and Web proxies, application security, authentication and access management, security threats and security tools.

- Hands-on experience with ethical hacking and incident response. Experience with Security Audit project such as PCI DSS.

Responsibilities:
- Lead PCI audit program and compliance process.
- Advise and share PCI best practices, compliance and processes.
- Maintain oversight of the program ensuring compliance objectives are consistently met.
- Coordinate remediation plan and facilitate communication with stakeholders within the Judiciary.
- Collaborate with cross-function teams to collect evidence for the assessment.
- Maintain documentation in support of PCI processes and controls.
- Proactively identify compliance issues through ongoing compliance management testing and validation.
- Interface directly with PCI qualified security assessors (QSA) during annual audits on matters relating to the assessment and completion of the Report on Compliance (ROC)

Qualifications Required:
*Bachelor’s degree in Computer Science, Engineering, MIS or related field required with 12+ years relevant experience; or Master’s degree with 8+ years relevant experience; or equivalent work experience
*4+ years of IT experience
*2+ years of Information Security experience
*2+ years of experience with PCI-DSS requirements
*Strong communication skills in both oral and written presentations and reports
*Demonstrate leadership and project/programs management skills

Qualifications Preferred:
*Current or previous PCIP, QSA, or ISA certification
*CISSP certification
*Security Certification a plus - GIAC, CRISC, and or CCNP/CCNA

Skills are to include:
*Network Security Design
*IT Security Architecture, designing & deploying security solutions
*Experience in network security design, architecture and implementation
*Domain expertise in network security,
*Domain expertise network architecture and routing
*Domain expertise Windows platform security
*Domain expertise UNIX Linux platform security
*Domain expertise encryption
*Domain expertise threat management
*Domain expertise application security
*Domain expertise database management/security
*Domain expertise data governance
*Domain expertise Entitlements management
*Domain expertise identity and access management
*Domain expertise data loss prevention
*Domain expertise PKI
*Domain expertise authentication technologies
*Experience and ability to perform systems security or vulnerability analysis and design
*Knowledge of routing protocols
*Experience and understanding of Network Layer concepts and technologies
*Packet-level understanding of basic TCP/IP protocols
*Experience and understanding of VPN technologies to include GRE and IPsec.
*Detailed understanding and configuration experience of routing firewall
*Detailed understanding and configuration experience of load balancing technical capabilities.
*Through knowledge and experience of IPS/IDS and Web proxies
*Through knowledge and experience application security, authentication and access management
*Through knowledge and experience security threats and security tools.
*Hands-on experience with ethical hacking and incident response.
*Experience with Security Audit project such as PCI DSS.
*7+ years’ relevant experience

The ideal candidate can:
- Demonstrate expertise in teaching, conveying technical and or functional courses and concepts.
- Develop appropriate work programs and use to effectively schedule tasks and assignments.
- Identify improvements to project standards to achieve high quality services and products.
- Assessment and recommendations of on-site security compliance.

Management or Lead Experience (preferred)

Experience working in a DevOps environment (preferred) and a cloud computing environment (preferred).