This job has expired, please see additional jobs below
Senior Analyst - Information Security
Viacom
Hollywood, CA, United States
Job Details - this job has expired, please see similar jobs below
Overview and Responsibilities
The Sr. Analyst job role requires a very motivated goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with minimal supervision. The job role also requires an individual who will act as a technical liaison with groups within and outside of Media and Technology Services (MTS). The Sr. Analyst’s primary job role is to reduce risk to Viacom Information and Information Systems through the understanding and use of various data security technologies, applications, methodologies and industry standards.
Responsibilities may include, but are not limited to:
• Performing vulnerability scans, including analysis and coordinating remediation
• Conducting anomaly detection analysis and coordinating remediation
• Conducting intrusion detection analysis and coordinating remediation
• Participating in the planning and implementation of Viacom Information Security projects
• Participating in the review of projects, business units, and vendors to identify Information Security concerns
• Assist in performing risk evaluations and penetration assessments
• Supporting the company’s risk management program in a manner that fulfills strategic goals of the organization while complying with local, state and federal laws and accreditation standards
• Proactively identify creative risk solutions to enhance data security throughout the enterprise
• Participate in matters related to video content security and anti-piracy
• Assist in development of procedures and related guidelines
Basic Qualifications
Experience:
• Typical candidates will possess 5+ years in IT related field and 2+ years of full time Information Security Technical Program management experience.
Education:
• BA/BS degree or equivalent preferred
Required Skills:
• TCP/IP and other related protocols.
• Vulnerability scanning, intrusion detection, anomaly detection and associated technologies
• Tools, techniques and standards used to conduct network penetration testing of assets in a Windows, Unix and Linux platform
• Tools, techniques and standards used to conduct application penetration testing for applications that support but not limited to Java, JBoss, PHP, WebDev
• Layer 2, 3 and 4 infrastructure designs and functionality
• UNIX, Linux and FreeBSD and associate hardening best practices
• The latest hacking techniques and appropriate countermeasures.
• Firewalls, rule base analysis, stateful inspection, encryption and associated algorithms
• Common threat methodologies such as Sans and OWASP
• SQL, MySQL, Oracle and associated hardening best practices
• Experience of cloud security technologies and security best practice.
• Able to read, understand and interpret at least two of the following:
1. Packet captures
2. Regex expressions
3. Firewall Rules
4. Access Control lists
Core Skills
• Acts responsibly with sensitive and confidential information.
• Is creative and resourceful as a problem solver.
• Consistently demonstrates the drive to be deliver successfully even under difficult timelines.
• Has strong analytical, methodical, investigative and auditing skills.
• Knows when to make practical rational decisions that reduce risk to Viacom information and Information systems.
• Is a critical logical thinker who is efficient and orderly.
• Comfortable with being a project lead or a project resource.
• Travel domestically and internationally if required and with short notice.
• Must be reliable and available 24/7.
Additional Qualifications
Desired Skills:
Working knowledge of Information Security Policies and their development
Recognized security qualifications are desirable CISSP ENCE, GCIH, GCIA, CISM, ITIL
Technical – Functional knowledge of the following applications, technologies and protocols:
• Threat analysis including vulnerability scanning, intrusion detection, and log analysis.
• Operating system hardening best practices
• LDAP
• Familiarity with threat methodologies such as SANS and OWASP
• Familiarity with common database platforms (SQL, Oracle, MySQL, etc.)
• Endpoint security
• Data leakage prevention
• Wireless security
• Mobile device security
• Knowledge of industry standard audio and video file formats and transmission protocols