Job Postings
Members, sponsors and associates of the Portland ISSA Chapter can request to post job opportunities posted here. Please contact “President at issa-portland dot org” to have postings added/removed from this page. If you are interested in a posting it might be worth checking with the chapter membership for the “inside scoop”.
|
Hillsboro |
Full-Time |
12/12/2011 |
|
|
Security Penetration Tester – Information Security – Hillsboro |
Hillsboro |
Full-Time |
01/11/2012 |
|
Hillsboro |
Full-Time |
01/01/2012 |
Job Title: Senior Consultant, PCI Risk & Compliance
Skills: PCI Risk Assessments/Gap Analysis/Remediation Plans
Location: Negotiable.
Tax Term: Full Time
Pay Range: $80-$110k commensurate with experience.
Length: Indefinite
Travel Required: <50%
Telecommute: Negotiable
Position Description: The Senior PCI Risk & Compliance Consultant will work with Sword & Shield customers to conduct procedural and operational assessments of information security processes and system controls – with a focus on PCI DSS compliance. Senior consultants will leverage analytical skills and security and compliance knowledge to review organizations’ current security policies, processes, and controls to provide in-depth gap analyses and guidance on best practices in Governance, Risk, and Compliance (GRC) as it relates to the PCI DSS standards.
This position requires an extensive knowledge of security concepts and architecture, technical auditing techniques and standards, as well as a strong background in and knowledge PCI DSS compliance mandates. This function also requires excellent communication skills over phone and email and particularly the ability to correctly convey solutions to more or less knowledgeable customer contacts.
You can enjoy a casual work environment while working with a close, family-oriented peer group of security professionals. Sword & Shield is a small privately-owned company with large government contracts and Fortune 1000 commercial accounts. If you enjoy hands-on interactive network security work…this is the place for you. Our work environment allows our security consultants the opportunity to showcase their skills and abilities and receive the credit they deserve as individuals.
Required:
United States Citizenship: an absolute must have.
Specific experience with, and in-depth knowledge of, PCI DSS compliance regulations and performing audits and assessments on these mandates: an absolute must have.
Strong understanding of risk management and information security management
BS degree (or higher) in a technical discipline.
Strong IT experience including at least five (5) years of IT security
At least five (5) years of performing PCI DSS audit/risk assessments, preferably as a consultant and a QSA.
Technical operational knowledge of firewalls, routers and switches, intrusion detection systems, event log management, anti-malware, encryption, and additional information security areas
Strong understanding of Unix and Windows platforms, as well as TCP/IP protocols; expertise in using MS Excel, MS Word
Excellent communication & people skills
Desired (But Not Required):
· Active or past Qualified Security Assessor (QSA) certification for performing PCI audits strongly preferred.
· Experience with commercial and freeware governance, risk, and compliance tools such as Modulo Risk Manager, RSAM, or TruArx.
· Experience with other compliance areas such as: FISMA/NIST, FFIEC, GLBA, and HIPAA
· CISSP, CISM or CISA certifications
Ideal Personal Characteristics:
· Proven ability to interact with company and business leaders at the “C” level (e.g. CIO, CFO, CSO)
· Strong, creative problem solving and analytical thinking
· Willing to accept new challenges and learn in new areas; strong communication skills
· Flexibility and responsive to changing situations; adaptable
In addition to a career in the challenging world of computer and network security, Sword & Shield Enterprise Security, Inc. offers competitive salaries, full benefits, participation in 401(k), andopportunities for professional growth and development. We offer the opportunity to work with cutting-edge security technologies in a stimulating work environment.
If you are interested in joining us, E-mail your letter and resume to jobs@sses.net.
Job Title: Senior Consultant, HIPAA Risk & Compliance
Skills: HIPAA Risk Assessments/Gap Analysis/Remediation Plans
Location: Negotiable.
Tax Term: Full Time
Pay Range: $80-$110k commensurate with experience.
Length: Indefinite
Travel Required: Telecommute: Negotiable.
Position Description: The Senior Risk & Compliance Consultant will work with Sword & Shield customers to conduct procedural and operational assessments of information security processes and system controls – with a focus on HIPAA compliance. Senior consultants will leverage analytical skills and security and compliance knowledge to review organizations’ current security policies, processes, and controls to provide in-depth gap analyses and guidance on best practices in Governance, Risk, and Compliance (GRC) areas as it relates to HIPAA security and privacy standards.
This position requires an extensive knowledge of security concepts and architecture, technical auditing techniques and standards, as well as a strong background in and knowledge HIPAA security and privacy rules. This function also requires excellent communication skills over phone and email and particularly the ability to correctly convey solutions to more or less knowledgeable customer contacts.
You can enjoy a casual work environment while working with a close, family-oriented peer group of security professionals. Sword & Shield is a small privately-owned company with large government contracts and Fortune 1000 commercial accounts. If you enjoy hands-on interactive network security work…this is the place for you. Our work environment allows our security consultants the opportunity to showcase their skills and abilities and receive the credit they deserve as individuals.
Required:
· United States Citizenship: an absolute must have.
· Specific experience with, and in-depth knowledge of, HIPAA security and privacy rules including the HITECH Act, as well as performing audits and assessments on these mandates: an absolute must have.
· Strong understanding of risk management and information security management
· BS degree (or higher) in a technical discipline.
· Strong IT experience including at least five (5) years of IT security .
· At least five (5) years of performing HIPAA audits/risk assessments, preferably as a consultant.
· Technical operational knowledge of firewalls, routers and switches, intrusion detection systems, event log management, anti-malware, encryption, and additional information security areas
· Strong understanding of Unix and Windows platforms, as well as TCP/IP protocols; expertise in using MS Excel, MS Word
· Excellent communication & people skills
Desired (But Not Required):
· Active or past HIPAA certification(s) and/or training strongly preferred.
· In-depth knowledge or certification in HITRUST methodology strongly preferred.
· Experience with commercial and freeware governance, risk, and compliance tools such as
Modulo Risk Manager, RSAM, or TruArx.
· Experience with other compliance areas such as: FISMA/NIST, FFIEC, GLBA, and PCI.
· CISSP, CISM or CISA certifications
Ideal Personal Characteristics:
· Proven ability to interact with company and business leaders at the “C” level (e.g. CIO, CFO, CSO)
· Strong, creative problem solving and analytical thinking
· Willing to accept new challenges and learn in new areas; strong communication skills
· Flexibility and responsive to changing situations; adaptable
In addition to a career in the challenging world of computer and network security, Sword & Shield Enterprise Security, Inc. offers competitive salaries, full benefits, participation in 401(k), and opportunities for professional growth and development. We offer the opportunity to work with cutting-edge security technologies in a stimulating work environment.
If you are interested in joining us, E-mail your letter and resume to jobs@sses.net
Service Delivery Manager V – Security Operations Service
Full-Time
Overview:
If you want to make a positive difference and stand out from the crowd, you’ll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help provide people with the financial security and confidence to pursue their dreams. Come join us and share our passion for serving our customers in a positively different way.
Responsibilities:
Basic Responsibilities:
• Responsible for ensuring assigned services (i.e. network, end-user, etc.) are working effectively in production per the service level established. Work with vendors, stakeholders and other IT partners to ensure those service levels are met.
• Responsible for the lifecycle management of how the service is supported including how incidents are handled and resolved and how services are requested, approved and provisioned. Work with other IT stakeholders and partners to influence the design of new services that indirectly or directly impact current services.
• Manages the day to day operational relationship and monitors the performance of information technology vendors contracted for the delivery of outsourced services. Work closely with the information technology user groups and contracted service providers to assess internal needs and vendor performance.
• Perform cost and spend analysis to identify cost effective solutions for existing and future contracts. Work with IT supplier management to forecast and adjust contracts as necessary to achieve cost and SLA objectives.
Critical Competencies:
• Strong sense of accountability for the assigned services. Takes ownership of problems or issues and drives to resolution. Works proactively across all aspects of IT, business and vendor partnerships to achieve results. Work very effectively in a team environment.
• Excellent written and oral communication skills. Ability to communicate issues, strategies and technologies in terms that various audiences can understand. Ability to put together comprehensive documents or presentations in support of the services owned.
• Ability to quantify performance of services through use of data. Ability to identify and measure key performance indicators necessary to evaluate quality or cost of services.
• Excellent understanding of industry trends within the services supported. Ability to identify and leverage best practices within the services from both a technology and support perspective.
• Excellent customer service skills. Thorough understanding of business processes and supporting applications and services within The Standard.
• ITIL Foundations Certified (minimum).
General Technical Competencies:
• Good understanding of underlying technologies supporting assigned service. Ability to articulate various components, protocols, technologies and methods used to deliver service. Ability to understand and challenge detailed designs associated with assigned service.
• Ability to convey usage patterns, use cases and best practices for utilizing the technologies associated with the assigned service. Ability to assist with developing solutions or workarounds to critical service outages or problems. Ability to review and challenge detailed service designs with respect to technologies, cost or service delivery methods.
• Very good understanding of how business processes utilize underlying technologies within the assigned service.
Qualifications:
Education & Experience:
Typically requires minimum 10 years experience, or the equivalent combination of education/experience.
Specific Technical Competencies:
• In depth understanding of information security practices and application of information security policies to infrastructure.
• Excellent understanding of security monitoring techniques, technologies, and controls. Very good understanding of physical security and mitigation strategies.
• Very good understanding of regulatory requirements (i.e. HIPPA, SOX) as it applies to information security.
• Advanced security certifications are highly desired (CISSP, CRISC, CISM, etc.).
Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.
To apply for this job, go to this link: https://jobs-standard.icims.com/jobs/9764/login
