Job Description
Period: 09/09/2013 to 12/31/2013
Title: IT Technology Lead, Security Event and Log Management
Location: RARITAN / NJ / 08869
Description
Job Title: IT Technology Lead, Security Event and Log Management
PURPOSE OF POSITION
The IT Technology Lead, Security Event and Log Management is responsible for the operational support processes of the Global Event and Log Management service. The candidate is responsible for maintaining and operating the Global Event and Log Management service with a major focus on system event logs.
RESPONSIBILITIES/PRINCIPAL DUTIES (Essential Functions)*
The IT Technology Lead, Security Event and Log Management, is globally responsible for the security event and log management process and the operational application of that process, including but not limited to process ownership, security monitoring, event reporting and incident handling of our enterprise-wide IT infrastructure.
Process Ownership / Governance:
Create, maintain and optimize the overall global infrastructure support process for Security Event Management and Log Management
Acting as the technical expert for security log and event management. Responsible for creation & execution of Operational activities
Identify deficiencies and develop action plans to address them.
Gathering and reporting on Security Event Management and Log Management process
Responsible for the development of training content
Operational responsibilities
The deployment, integration and configuration of Global Centralized Log Management tools and processes, in accordance with sound design and change management principles.
Perform application support activities such as report creation/fine-tuning, availability monitoring, rule development/fine tuning and data receipt, load and storage.
Perform environmental administration tasks associated with the Operating System (OS) and application, including but not limited to patching and upgrades.
Operate and maintain an enterprise-wide log Management process and tool deployed across multiple environments to gather, analyze and present information from network and security devices; identity and access management applications; vulnerability management and policy compliance tools; operating system, database and application logs; and external threat data.
Make reasoned and rational decisions about the required actions and escalations when security incidents occur.
Assess the process for opportunities to improve the efficiency of the process, then implement and deploy such efficiency improvements
The candidate will be responsible for acting as the SME for the SELM platform (RSA enVision).
Partnership
Partner with Q&C and IT Operations to understand business stakeholders' needs for security log and event collection and management, to determine the requirement to retain log data, and to understand their need for security log and event management to comply with internal requirements and different regulatory requirements.
Partner with the client's Incident Response and Security Investigation teams as requested to retrieve specified log data without impacting operational activities.
Partner with a cross-functional team as long-term plans for SELM are fine-tuned.
Translate IT infrastructure and IT business needs into technical requirements.
Operational and Management Reporting / Governance
Working with log management and event-source capabilities, create reports and/or alerts to predefined or customized parameters to identify events of interest to the customer.
Support the Design and implementation of Dashboards to enable the Command Center to correlate network, infrastructure and application related data, and determine whether events have occurred that require attention and follow-up.
Present to management the metrics and the actions defined to address the security issues identified.
Compliance
Create enterprise security documents (guidelines and procedures) pertaining to the operational management of the security monitoring infrastructure across multiple systems and applications within the controlled environment.
Assess the information available and follow the appropriate incident management process to resolution
Service Level Agreement
Ensure that all Service Level Agreements are met pertaining to security log management, reporting and alerting.
EDUCATION/EXPERIENCE
A. Education and/or additional training
Bachelor's degree in information technology, science, or engineering, or equivalent experience. Advanced degree is a plus.
B. Experience
SIEM experience is a must, with a strong preference for RSA enVision. Strong technical background and experience with a broad range of operating systems and applications is a plus, including in particular Windows Server 2003 and later, SUSE Linux / Novell SLES, and HP-UX 11 and later. Operational experience (not user experience) with NetWitness
Rose International is an Equal Employment Opportunity Employer-M/F/D/V
About Rose
- Founded in 1993
- 21 office locations across the U.S.
- 130+ Customers; corporations and government agencies
- Employee Oriented Company
- Challenging Assignments across the U.S.
- Continuous Professional Development
- Challenging, Exciting and Professional Atmosphere
Job Requirements
Country: USA, State: New Jersey, City: Raritan, Company: Rose International.