Law

Position: Sr. UNIX System Compliance Specialist

Location: Fairfield CA

Duration: 6 months +

Interview: Phone and Skype

Start: ASAP

Department overview

Position summary

This position provides governance and communication products / services that support identification and implementation of security controls performed within UNIX systems and processes. Utilize a control framework / methodology to review, evaluate, and translate legal regulatory, and industry standards into control objectives that are focused on IT security risks.  Possess a senior UNIX administrator's knowledge of installation, configuration, maintenance and performance testing of various operating systems, related utilities, applications, and hardware. Develops procedures for routine administration including: design, patching, deploying software, implementing changes, and UNIX server configuration.  Provides recommendations for improving the server environment. Provides on call 24x7 support on a rotating basis is required.   All employees are responsible for performing their jobs in accordance with CLIENT's vision and values.

Responsibilities

• Develop, implement, and maintain programs that are designed to manage compliance with regulatory and/or enterprise requirements (NERC CIP, SOX, HIPAA, FCC, GOV 7001S, etc.)
• Facilitate a variety of compliance forums that are held to share information with impacted System and Business Process Owners
• Participate in cross functional mitigation reviews with the LOBs and/or 3rd party
• Performs Root Cause Analysis
• Participate in estimating the costs to mitigate open compliance findings
• Participate in developing the costs associated with risk avoidance
• Participate in sessions to determine the likelihood of risk occurrence for open compliance findings  
• Evaluate regulatory, legal, industry, and enterprise requirements (Authority Documents) and identify a normalized group of control objectives that can be applied across system and business processes to prevent, detect, or minimize risks associated with non-compliance to those requirements
• Evaluate the effectiveness of control activities designed to prevent, detect or mitigate it security risks 
• Review and validate evidence that has been provided in association with control gaps during an internal self-assessment.
• Collect and evaluate evidence for the controls in this area.
• Acts as lead in project implementation when appropriate.
• Leads installation, testing, troubleshooting, documentation, and production release of new enterprise applications.
• Scripts complex procedures and processes for automation.
• Mentors team members supporting enterprise computing technologies, work priorities, project management, and customer service.
• Exercises independent judgment and discretion in matters of significance with broad scope and high complexity
• Performs assigned tasks of moderate to high complexity using established procedures, standards, and guidelines
• Works independently or on multiple projects as a project team member, frequently as a project leader
• Works on medium to large, complex projects that require increased skill in multiple technical environments and knowledge of a specific business area
• Coaches and mentors staff
• Communicates new processes, conveys and gains support for making changes
• Understanding business domain and makes realistic, feasible recommendations and facilitates implementation of effective solutions
• Quickly understands the business issues of the organization.  Reviews and edits requirements, specifications, and recommendations.
• Applies technology or team leadership abilities

Qualification

Minimum

• AA/AS in Business or Information System related discipline
• 4 years of relevant technical  experience
• 2 year compliance, security, and/or compliance experience.
• Familiarity with regulatory requirements – SOX
• Strong audit skills
• Demonstrates advanced knowledge and technical competence
  
• Demonstrates advanced troubleshooting skills
• Demonstrates advanced understanding of Server OS, hardware, and related technologies
• Deep knowledge in key areas of: UNIX/Linux
• Ability to communicate new processes and convey changes to others, and gain organizational support for making changes
• Excellent verbal and written communication and presentation skills

Desired

• B.A. /B.S. degree or equivalent work experience in information system, computer science, business administration or other relevant field required.
• Working knowledge of generally applicable and accepted auditing standards and framework (e.g. COBIT, CAG 20 Critical Security Controls) and best practices for IT services management (e.g., ITIL), government guidelines and laws (e.g. Sarbanes Oxley Act, NERC/CIP, HIPAA, FCC).
  
• Strong understanding of regulatory requirements impacting the utility industry (SOX, HIPAA, NERC CIP, Smart Meter/Smart Grid, etc.) with subject matter expert knowledge in one or more areas
• Able to establish control objectives based on complex regulatory requirements, company
• 3 - 5 years of system administration experience
• At least 2 years of leading a team in an IT function
• Utility Experience
• CLIENT experience within the related line of business.
• Project lead and consulting experience
• May require certification applicable to the technology being supported.

Thanks and Regards

Arvind Nagar

Sr. Technical Recruiter

Email- arvind@idctechnologies.com

Direct-408-457-9381 Ext-4073 !! Gtalk- arvindnagar.777 !! Yahoo- arvindnagar951

Web: www.idctechnologies.com

IDC Technologies, Inc.,1851 McCarthy Boulevard, Suite 116, Milpitas, CA , USA, 95035