Skills:
Understanding and Knowledge of CISSP. CISSP (10 domains) common body of knowledge includes but not limited to: 1. Information Security and Risk Management 2. Access Control 3. Security Architecture and Design 4. Physical and Environmental Security 5. Telecommunications and Network Security 6. Cryptography 7. Business Continuity and Disaster Recovery 8. Legal, Regulations, Compliance and Investigations 9. Application Security 10. Operation Security End User Application, Security Protection, Programming, (sample list): MS: Power Point, Excel, Project, Access and Word Microsoft Operating Systems: NT, 2000, XP, Vista, Server 2003 FDA : EASE, eArrive and IDMS DBs Security Assessments and Policy/Procedure development using (as suitable): FISMA FIPS encryption requirements, NIST 140-2 and other appropriate documents NIST [] and other appropriate documents NIST [] C&A NIST [] Penetration Testing [] ISO 17799 and new ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27006, ISO/IEC 27799 Security Concepts of Operations (SCONOPS) SANS / CIS Security Guidelines GLBA Requirements FERPA Requirements Federal Desktop Core Configuration (FDCC) Security Content Automation Protocol (SCAP) Information and Network Security Practices Software and Hardware: CheckPoint Firewall-1 firewall, Provider-1 enterprise management system, security appliances McAfee ePolicy Orchestrator (ePO) Security Management Platform Novell ZenWorks enterprise system management system Microsoft ForeFront systems and Security Assessment tools Microsoft Windows Update System (WUS) and System Management Server (SMS) CISCO routers/switches, PIX firewalls, load-balancing devices, wireless LAN controllers/access points RSA SecureID servers and tokens for remote access, VPN authorization, access authentication Norton Security Suite for workstations, servers and networks Vulnerability Assessment / Scanning Software and Hardware (sample list): Router Auditing Tool (RAT), NESSUS, Retina, Instagate eSoft, PSTools, Ethereal, Netcat, NMAP, McAfee Vulnerability Manager, NEWT, Metasploit, Snort, HFNetCheck, Foundstone SuperScan, DumpEVT, Dumpsec Configuration/Build/Release Management Version Control: Subversion or Git; Build Automation: Maven or Ant; Continuous Integration: Jenkins or Hudson; Repository Manager: Nexus Pro or Artifactory; Serena CM PVCS, KonfigCM, JIRA Issue/Bug Tracker General Business, Web Publishing, Print Industry Software and Hardware MS Excel, Word, PowerPoint, Visio, Access, Outlook, Project; Publishing Products: CS5 Photoshop, Acrobat PDF, InDesign, Illustrator, Dreamweaver, Flash QuarkXpress; Web programming & processing applications including: HTML5 & XML, Joomla, CSS3, PHP 4, MySQL, Javascript, Ajax, ActionScript 3 and WordPress, PDF workflow for large document printing, Postscript language, Creo/Prinergy Digital Workflow