Specialist

Specialist - Sys/Data Security

As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups, State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience. Summary of Position/Responsibilities: ? Manages, plans, and administers the operational and administrative activities surrounding the Bank of America Information Security Program as applicable to GWMT ? Assists in the development of security standards, procedures, and guidelines for multiple platforms and diverse systems environments ? Development, testing, and implementation of security plans, products, and controls techniques ? Identification and assessment of IT security risk/exposure on new and existing infrastructure (Includes self assessments) ? Investigates and recommends appropriate corrective actions for IT and business area security incidents ? Liaises with business clients, other risk control groups, and EIM to administer information security policy and procedures. Imbedded with CTOs ? Schedules and executes penetration tests for GWMT ? Provides secure solutions to business problems