IT Security Auditor
Insure network engineering designs are in compliance with Dow Jones network security standards. Align network engineering architecture strategies with the Dow Jones security model.
Develop engineering designs and architectural solutions to address security concerns. Lead inter-department teams to develop end-to-end reviews and audits of deployed network security solutions. Evaluate, select and deploy relevant tools in order to meet compliance and provide network security baselines for use by other members of the network engineering group. Conduct relevant infrastructure risk assessments to ensure compliance and adherence to published standards as part of routine network engineering self-assessment reviews. Provide clear and concise audit findings to identify network engineering, implementation, configuration and security gaps which require remediation. Provide input into the development of network engineering roadmaps and strategies to insure future designs are meet audit and security requirements. Participate in technical testing with other teams to ensure that network engineering security expectations are being met. Assist the information security team in the overall development of network security policies, procedures and guidelines. Respond to network intrusions and other incidents, as required.
· 7-10 years of work experience in the area of IP networking or information security.
· Five years of working experience in network security.
· Need to be a technical leader and subject matter expert on Network Security compliance
· Effective decision-making skills, excellent problem-solving and analytical skills, effective verbal and written communication skills, and high level of initiative and self-motivation.
· Ability to work independently and effective at building partnerships to facilitate the accomplishment of goals. Strong organizational/time-management skills.
· Effective at planning and leading meetings
· Experience working with Network Engineering and Information Security, and other technical and business groups to support the needs of the business.
· Knowledge of network access control solutions design and implementation
· Detailed knowledge of network security concepts (isolation, defense in depth) and associated implementations (multi-tiered firewalls, VLANs, virtual systems, etc.).
· Strong knowledge of storage, compute, and cloud infrastructures and security requirements and their integration with network architectures to produce full, secure solutions.
· CISA is a plus
Firewalls, Proxies, Network Intrusion Detection Systems, Switches, Routers, Load Balancers, VPN concentrators, and Sniffers.
· Extensive experience in firewall and authentication infrastructure including Palo Alto Firewalls, Juniper/NetScreen Firewalls, SSL/VPN Appliances.
o Design, Configuration and installation, and feature exploitation to address complex business needs
· Cisco Nexus Switches, Routers, TCP/IP, Routing Protocols (OSPF, BGP, RIP, etc), High Availability protocols, Voice Over IP, IPSec, GRE, VRF, SSL.
· Detailed knowledge of IOS, Microsoft Windows, Linux, and UNIX.
· Netscaler Load balancers, BlueCoat Proxy Appliances, HP and IBM Blade Centers, Cisco UCS technology, Forescout Network Access Control.
EDUCATION AND TRAINING
· BSEE in Information Technology or related discipline.
Dow Jones, Making Careers NewsWorthy
At Dow Jones our Managers work to meet our equal opportunity and affirmative action objectives and our Employees help to foster a professional, welcoming and encouraging environment.