IT Security Architect

Job Description:The IT Security Architect will provide strategic planning, design, implementation and management of sophisticated information technology security solutions to the internal customer base domestically in the U.S., Canada, and Mexico. Essential Duties: This position will be accountable for researching, designing, engineering, implementing, and supporting information security systems (software & hardware) and utilizing in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer needs while protecting corporate assets. She/he will develop and implement security standards, procedures, and guidelines for multiple platforms and diverse environments. She/he will provide and maintain a complete defense in depth security architecture through configuration, operation, integration, and maintenance of existing and future network, computer, application, and information defense tools such as routers, firewalls, DMZ’s, intrusion detection systems, virtual private networks, vulnerability scanners, and anti-virus applications.• Review, analyze, synthesize and utilize information provided from the defensive tools and other boundary and internal protection devices. • Provide detailed audit log analysis for firewalls, network and host based intrusion detection logs, operating systems and application logs. • Implement standard information security procedures to provide security statistics to analyze/report trends and vulnerabilities and provide appropriate documentation. • Utilize industry-standard security best practices and policies to conduct detailed vulnerability assessments and implement recommended security safeguards to protect all United Rentals IT assets. • Determine the optimum locations for defense mechanisms to protect the enterprise. • Investigate, recommend and implement security tools to track vulnerabilities and intelligence assessments of broad computer network threats. • Design, document, implement, and assess information security policies. • Monitor and identify security incidents using intrusion detection systems, firewalls and other monitoring systems where applicable.• Ensure compliance with established security incident reporting procedures. • Evaluate and recommend courses of action in regard to evidence from an intrusion and/or an attack. Monitor security applications and hardware to ensure compliance with corporate policies and procedures with limited supervision• Analyze security breaches to determine probable cause and take immediate corrective actions• Participate in security risk and vulnerability assessments and address immediately any risks that would pose a significant threat to the company• Develop and implement security related policies based upon risk based systems analysis• Design, code, test, and execute security related software (scripts) to ensure the timely resolution of security related risks This position also requires knowledge of host and network based computer forensics as well as electronic data discovery relating to email and unstructured data.Assist in the review, implementation and maintenance of IT security technology and best practices• Attend vendor interviews and product demonstrations and provide input to management on software/hardware• Conduct the testing of security toolsJob Requirements:• Bachelor’s degree. CISSP or other related designation is preferred• Five plus years of network security experience in an information technology environment.• Must possess excellent communication skills (oral and written) and extensive knowledge with the following technology: MS, Unix/Linux, AS400, SSL, SQL, Ethernet, TCP/IP, Frame-Relay, Firewalls, Routers, Switches, RAID, LDAP, PBX, HTML, XML, Web Services, DNS, Encryption, SMTP, FTP, Shell Scripting, Perl, C, Java, IPSec, Intrusion Detection, and/or various security tools.• Designing network security architectures • Use of common networking ports, services and protocols and knowledge of the vulnerabilities associated with each • Designing, installing, configuring, customizing, and supporting network switching and routing equipment. • Developing and documenting firewall policies for UNIX based firewall appliances. • Development and deployment of Cisco Router Access Control Lists • Experience supporting large networks, over 2000 nodes in a heterogeneous environment. • Demonstrated experience with CISCO equipment • Use of common network traffic analysis tools such as Ethereal and TCP Dump. • Office environment. Sitting at the desk and working at the computer. Ability to lift 35 lbs. Must be able to respond to security events as required.