Posts Tagged ‘ cissp ’

Security Product Marketing Manager – Insurance vertical Cybersecurity – Dallas

The Lead Product Marketing Manager for Cybersecurity Insurance is responsible for contributing to the value proposition development and driving sales of cyber insurance services, building relationships with key customers, and ensuring services are aligned with the priorities of AT&T to drive affinity and influence revenues.

 

 

 

Key Roles and Responsibilities:

 

Alliance Development & Management

  • Develop alliances with brokers, insurers and reinsurers
  • Prioritize AT&T security products and services assets to include with cyber insurance services
  • Manage alliances with potential third party security product / service providers to supplement offering- coordinate actions across the firm

 

Evangelize & Educate

  • Evangelize cyber insurance initiative
  • Contribute to cyber security and cyber insurance thought leadership
  • Resource for training and education

 

Coordinate In-Bound Opportunities

  • Evaluate new alliance opportunities and insurance offerings
  • Responsible for lead generation, closing opportunities and delivering revenue

 

Additional responsibilities:

  • Risk / Metrics / Assessment  / Threat Tools Dev
  • Training and Cyber Capability Measurement and Scoring Programs
  • Product Development & Bundle Creation based on quantitative risk reduction analysis

Qualifications:

  • 7+ years of industry and consulting experience (knowledge of insurance industry a plus)
  • Experience in crafting large and complex sales opportunities required
  • Proven ability to build relationships across the C-suite
  • Experience in cyber underwriting highly desirable
  • Experience with data analytics / predictive modeling / actuarial modeling highly desirable
  • Previous experience in a cross functional role
  • Ability to clear a criminal background check and drug test.

#security

Senior Security Professionals – GRC – Anywhere USA – Fortune 10

cisspJob Area: Information Security Consulting

Title: Senior Consultant

Experience: 5-8 yrs in Information security

Location: Anywhere in USA

Travel: (mostly in region – mix of onsite and remote )

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for an

information security practitioner with technical experience for the position of a Senior Consultant

located in the continental US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as secure network

architecture design, implementation, device configuration review, and secure architecture reviews.

AT&T Security Consulting clients range from some of the largest companies in the world to small

businesses requiring security consulting expertise.

Job Duties:

Key functions of this role will be to work on network security and architecture trusted advisor

engagements for our customers involving segmentation and optimization, DDoS mitigation, firewall

migration/optimization, detailed assessment and next-generation design recommendations. Manual

and automated configuration analysis for security weaknesses in firewalls, routers, switches, servers

(Windows, Unix/Linux), IDS/IDP, Databases, and other platforms as well as VoIP infrastructures will also

be required. Successful candidates will have demonstrated experience in network security consulting

and will have an understanding of network level risk assessments with the ability to write objective,

detailed reports explaining security issues. A background in Network Architecture and Engineering is

required. Technical knowledge and experience with configuration review tools such as Nessus, Nipper,

AlgoSec Firewall Analyzer, Tufin SecureTrack or NetBrain as well as Unix/Linux scripting (php, perl, shell,

etc.) will be given preference.

Requirements:

 Bachelors degree in Computer Science or related fields, Masters Degree preferred

 A minimum of four years of Information Security consulting with mid to advanced level

infrastructure security design experience required

 Very good understanding of security operations & management in a large customer environment

 Knowledge of Linux, UNIX, Windows (including Active Directory) and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Knowledge of VoIP infrastructures

 Ability to write customized scripts using at least two of bash, Perl, PHP, Python preferred

 Must possess strong network device implementation/integration and troubleshooting skills

 Must be able to demonstrate in-depth expertise with multiple network device and firewall

platforms, including at least 3 of the following:

o Palo Alto

o Fortinet

o Cisco ASA

o Cisco IOS and NX-OS routers/switches

o Check Point

o Juniper Netscreen

o Juniper SRX

 Must be a flexible team player, hard-working, and posses excellent communication and customer-

facing skills

 Must be self-directed, able to manage solo projects or participate as part of a larger team

 Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

 Must be able to interact confidently with all levels of technical and management client teams

 One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

 Ability to travel 50%-75%, mostly within region, must possess drivers’ license

Technical Skills

 Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

 Strong technical problem / resolution skills required

 Knowledge and experience with technical network and host-based security required.

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or database)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

o routing/switching, including BGP, OSPF,v2/3 RIPv2 & EIGRP

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 SCADA / Control systems network experience a plus

 Bi-lingual candidates a plus

Immediate Opportunities on our PCI Team – Must have active QSA – Anywhere USA

geek it

AT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company).

 

AT&T is looking for an information security practitioner with technical experience for the position of a Senior Consultant to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.

Requirements:

• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus

100% Confidential

New England – PCI active QSA – Full time – We ROC

NewEnglandflagAT&T Security Solutions is a division of AT&T (a Fortune Global Top 10 company). AT&T is looking for

an information security practitioner with technical experience for the position of a Senior Consultant

located in the western US to be a part of a dynamic team of experienced security professionals with

varied experiences. Candidate must be skilled in Secure Infrastructure Services such as network

penetration testing, device configuration review, and secure architecture reviews. AT&T Security

Consulting clients range from some of the largest companies in the world to small businesses requiring

security consulting expertise.

Job Duties:

Key functions of this role will be to work on security and privacy consulting engagements for our

customers. Successful candidates will have demonstrated experience in security consulting and will

have an understanding of the business-technology interface; they will be able to understand business

environments/issues and have the ability to link them to technology at a high level. Experience with

network penetration testing is required. Technical security knowledge and experience with compliance

assessments such as PCI-DSS and ISO 27002 will be given preference.

Requirements:

• Bachelors degree in Computer Science or related fields, Masters Degree preferred

• A minimum of four years of Information Security consulting experience required

• Very good understanding of security operation & management in a large customer environment

• Must be a flexible team player, hard-working, and posses excellent communication and customer-
facing skills

• Must be self-directed, able to manage solo projects or participate as part of a larger team

• Strong report writing skills and ability to explain complex security issues to customers in a formal

presentation format required

• Creativity in finding cost-effective remediation solutions acceptable to our clients

• Must be able to interact confidently with all levels of technical and management client teams

• One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and

willingness to pursue further certification preferred.

• Ability to travel, mostly within region, must possess drivers’ license

Technical Skills

• Knowledge and experience with risk and compliance projects dealing with a variety of regulatory

and voluntary compliance standards such as: PCI-DSS, ISO 27000 series, federal and state security

and privacy regulations, HIPAA/HITECH, HiTrust, GLBA, SOX 404,etc. preferred

• Strong technical problem / resolution skills required

• Knowledge and experience with technical network and host-based security required.

• Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

• Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

• Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net) preferred

• Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

• Mid to advanced level knowledge of Penetration testing (network, system and application) required

• Mid to advanced level knowledge of one or more of the following preferred:

o Vulnerability scanning

o Application development

o Policy development

o Forensics

o Security event monitoring

• Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

• Knowledge and experience with risk and compliance assessments

• Familiar with retail information security challenges a plus

• Bi-lingual candidates a plus

PS SR CONSULTANTS – FULL TIME – ANYWHERE USA

 

chuck roznos

Now hiring, CCIE’s, PCI-QSA’s, GRC, UC (Cisco and LYNC EV), Juniper (QFX) Full time with the most elite PS team on the planet. We deliver solutions not products.

 

GRC Security Senior Consultant – att Security Solutions

cissp

 

The Governance, Risk and Compliance Security Practice of Consulting Solutions is looking for qualified persons to join its team of world-class security and information risk management professionals.

 

 

This position will be focused on providing guidance around security and privacy regulatory and industry standard requirements to our portfolio of Fortune 500 clients, conducting security risk assessments, and working with the practice leadership to keep abreast of developments in the information security space from both a strategic and technical perspective.

Key job responsibilities will include:

  • Conduct information security assessments using industry accepted best practices and approaches to support enterprise business goals and objectives
  • Evaluate information security risk in context of business environment and industry requirements
  • Consult with clients on information security best practices and provide guidance on cost-effective strategies for implementation of security
  • Follow standard methodologies and develop new and innovative processes for delivering information security solutions
  • Focus on results and ability to work within tight timelines
  • Demonstrated ability to learn and apply critical thinking to a variety of situations
  • Design deliverable content to precisely reflect the engagement contract and client needs
  • Work with clients to help them understand where improvements could be made, and propose scenarios and solutions to address these areas of improvement
  • Build and nurture positive working relationships with clients with the intention to exceed client expectations

 

Required Qualifications

  • BA/BS in information technology, business administration, or related field preferred
  • 5-7 years of experience in information risk management, security governance, program development, regulatory and controls experience
  • CISSP, CISM, or CISA certification a plus and preferred
  • Solid understanding of the evolving security and privacy controls environment, regulatory landscape and risk management techniques, principles and practices
  • Experience performing risk and compliance assessments and in-depth knowledge of industry standards and regulatory requirements (e.g., HIPAA, HITRUST, HITECH, FISMA, NIST, ISO 2700X, COBIT, FFIEC, NERC CIP, etc.)
  • Experience and firm understanding of the development and implementation of information security policies, standards and related procedures
  • Ability to provide risk-based recommendations based upon the size and complexity of the client’s organization
  • Ability to educate clients of the risk implications associated with a particular business decision, and communicate the likelihood and impact of those decisions so clients can fully quantify those risks
  • Ability to translate complex technical information across all levels of the organization
  • Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors
  • Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment
  • Strong business acumen and process-oriented thinking
  • Excellent presentation and issue resolution skills
  • Written communication skills for use in preparing formal documentation including deliverables, Statements of Work, proposals, white papers, and case studies
  • Verbal skills that include the ability to clearly articulate thoughts, be persuasive and to deliver presentation and training to all levels of management
  • Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
  • Ability to interface with C-levels, as well as tactical implementers
  • Positive customer service and team attitude (helping others when required)
  • Able to manage projects from inception to successful implementation
  • Able to foster working relationships with the team and clients
  • Strong investigative and analysis skills with the ability to handle confidential information
  • Ability to travel
  • Keeps informed of advances in information security; self-motivator

 

Additional Qualifications

  • Consulting experience is a plus
  • Privacy experience a plus
  • Application development and understanding of SDLC is a plus
  • Understanding of available security tools and technologies