Global CERT Coordinator - NY - $150k-$200k - Job #781

My client is a prestigious financial services company in NY seeking a Global CERT Coordinator. This is a dynamic position with extremely high level exposure. A successful candidate is someone who is likely from a military background yet commercially minded. They must be skilled at command and control and possess the ability to take charge in times of crisis.

Position Title: Global CERT Coordinator
Our job reference #781
Location: New York
Compensation: Total Compensation $150,000 - $200,000

Description:
This role owns the process for the continuous improvement to the firm’s CERT process and virtual teams. This role is split into three discrete areas:
* Defining and owning the emergency response/react process and along,
with other senior InfoSec and Technology staff, being prime first responder and coordinator of incidents.
* Defining and owning the alert (vulnerability and threat notification)
process operated across the three Regional InfoSec teams and being responsible for maintaining vulnerability/threat heat maps for management reporting.
* Defining and owning the firm’s forward intelligence gathering process
including external liaison to relevant agencies as well as operating the firm’s open source intelligence activities.

Key Responsibilities:

Incident Response
* Coordinate firm-wide response to external and internal information
security incidents. Presence of mind to command during emergencies a must. o Coordinate both technical actions and inclusion of other parts of the firm: legal, public relations, business continuity, operational risk, business divisions
o Prepare and maintain response plans for key information security events, such as intrusions, viruses, defacements, and denial of service attacks
* Write and coordinate incident closure reports for senior management,
including events summary, timeline, key causes, and lessons learned

Vulnerability Response
* Coordinate firm-wide response to key computer vulnerabilities. Ensure
Microsoft, Unix, and networking communities are apprised of, and are responding to, potential problems.
* Assist in the triage of new potential vulnerabilities.

Intelligence Response
* Monitor threats to the firm’s personnel, property, and business and
notify appropriate sectors of the firm, such as Corporate Security or Legal Departments.

Miscellaneous
* Serve as part of the firm’s Incident Learning Network.

• War game and scenario planning for events.
• Senior management reporting.
• Representing the firm on relevant external groups e.g. FS/ISAC.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Other Key Relationships:
* Corporate Security.

• Management Controls Division.
• Business Continuity Planning and Crisis Management.
• Regional and Divisional Heads of Information Security.
• Business Unit Technology Management.

• Global Control and Compliance Committee.

Skills:
* Five to ten years experience in information security or related fields
preferred.
* Bachelor’s and Master's degree preferred, or other professional
qualifications. Industry certifications such as GIAC, CISSP etc. desirable but not necessary.
* Written and verbal communication skills a must; strong interpersonal
skills essential. Job requires frequent interaction with Chief Information Security Officer, vice presidents, and managing directors.
* Must understand general information security operations, especially
including intrusion detection and incident response.
* The role forms part of the firm’s senior InfoSec management team so a
reasonable broad based understanding of security, technology and business is necessary.
* Demonstrated management ability and a track record of success in the
field. Wide experience of technology platforms and a proven ability to lead projects and wide-ranging change initiatives.

Other Information:
* The role may involve periodic, but not intensive, travel to any place
the firm operates.
* The nature of the role will involve flexibility to respond to out of
hours calls, but is by no means an operations role.

Contact: Joyce Brocaglia
Alta Associates, Inc.
Phone: 908-806-8442
e-mail: joyce@altaassociates.com Received on Fri May 9 14:01:40 2003