APPLICATION SECURITY ADMINISTRATOR

 

General Job Function/Description:

As a member of the Networks and Infrastructure Security team, responsible for the user base administration of enterprise applications, ensuring the integrity of sensitive data, maintaining privileges commensurate with industry standards and federal compliance. The Applications Security Administrator will work closely and coordinate efforts with network engineers and systems administrators to ensure network and/or directory rights to applications. Additional duties include, but are not limited to, overall responsibility for ensuring the integrity of PCF’s enterprise applications security.



Duties and Responsibilities:Conduct information security threat analyses on new and changed application development initiatives towards design, review, and incident response planning. Provide leadership on and in-depth assistance with the integration of information security within the application development life cycle. Review projects at relevant phases for both technical and operational information security vulnerabilities providing specific and prioritized recommendations for remediation. Reviews remediation activities for completeness. Arrange for and then manage vendor application penetration testing engagements. Discern, document, and achieve consensus on requirements for reusable information security services. Develop their design, plan their phasing and deployment, and arrange for and manage their ongoing administration and maintenance. Discern, document, and setup standard practices for application security audits. Document policy, procedures and create forms with required approval for application privileges. Serve as an internal information security consultant to application development. Determine and clearly communicate – quantitatively where possible – the information security risks to the application development and information security teams. Through education, oversight, review, and testing, assure compliance to security policies, standards, and procedures, including HIPPA and SOX compliance. Monitor and apply advancements and other trends in application security technologies. Monitor and apply changes in legislation and accreditation standards that affect application security, especially in the area of privacy and identity theft. Initiate, facilitate, and promote activities to foster information security awareness and education among application development. Work with Information security peers and manager to assure standards compliance on various platforms (e.g., OSs, databases, networks, etc.) upon which application development group relies for the operation of its applications. Provide information security consulting and subject matter expertise on new business and application initiatives. Identify threats and risks to the confidentiality, integrity and availability of all data residing on PCF information systems

KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED:Knowledge of current technological developments/trends in area of expertise. Strong knowledge in application security and limited network and server security. Advanced knowledge of the application development, credit card data storage and encryption technologies required for transferal of data in and out of the organization. Advanced knowledge and understanding of a range of computer and networking software related technologies. Ability to navigate within the applications with respect to the security environment, configure, and maintain the application security roles. Ability to analyze and assess application security requirements and determine optimum, cost-effective solutions. Ability to communicate technical information to non-technical personnel. Strong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community. Knowledge of computer security systems, applications, procedures and techniques. Ability to analyze complex problems and recommend/negotiate solutions. Strong knowledge of computers and related technologies. Maintains a broad knowledge of current and emerging application security threats. Knowledge and experience of administrating front-end applications and services such as IIS, .NET, Apache, Microsoft project, and Microsoft Share Point Expert knowledge and experience in secure application design and implementation, especially pertaining to networked and web-based applications Advanced verbal, written, and presentation skills -- particularly the ability to communicate professionally and effectively with a variety of staff levels

Education:

Associates degree and/or equivalent experience

EXPERIENCE:

Minimum 3 years experience. An industry certification and continued testing towards renewal of industry certification(s) such as, Security or SAP Security with 3 years experience may be substituted for a degree..

MUST HAVE SAP SECURITY EXPERIENCE

THIS POSITION CAN WORK OUT OF PENSACOLA FL,  ROCKLEIGH NJ OR ATLANTA GA

MUST APPLY AT: http://www.pcfcorp.com/careers.aspx

THIS JOB DESCRIPTION IS NOT INTENDED TO BE AND SHOULD NOT BE CONSTRUED AS AN ALL INCLUSIVE LIST OF ALL RESPONSIBILITIES, SKILLS, OR WORKING CONDITIONS ASSOCIATED WITH THE POSITION. WHILE IT IS INTENDED TO ACCURATELY REFLECT THE POSITION, ACTIVITIES, AND REQUIREMENTS, MANAGEMENT RESERVES THE RIGHT TO MODIFY, ADD TO, AND REMOVE DUTIES AND ASSIGN DUTIES AS NECESSARY.

7/2002

PCF Proprietary