Specialist Information Security

Designs, develops, modifies, adapts and implements short- and long-term solutions to information technology (IT) needs through new and existing applications, systems architecture, network systems and applications infrastructure. Reviews system requirements and business processes; codes, tests, debugs and implements software solutions.

• Under general supervision, implements and troubleshoots various information systems security software, following policies and procedures.
• Under general supervision, tests and validates solutions to remediate exploitable conditions on devices such as Web servers, mail servers, routers, firewalls and intrusion detection systems following established policies and procedures.
• Under general supervision, evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g. viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning, and Web services manipulation.
• Under general supervision, conducts security assessments of systems, networks and applications using penetration tests and ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities.  Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
• Has technical knowledge of security issues, techniques and implications across all existing computer platforms.
• Develops security solutions for routine to moderately assignments.

• Education Required:  Degree qualified in Computers Science, Information Systems or other related discipline, or equivalent work experience.    
• Experience Required:  At least 3 years
• Special Qualifications:   Is working towards any of the following Certifications and/or Professionalization status: CCIE (certified CISCO Internet Engineer), MCSE certification; GIAC Certified Windows Security Administrator (GCWN); GSEC, GCFW, GCIA, GCIH, GISO, GSNA, GCFA, GSLC; CISA, CISSP certifications; CIPP (Certified Information Privacy Professional).

Come as You Are

Nasdaq is an equal opportunity employer. We positively encourage applications from suitably qualified and eligible candidates regardless of age, color, disability, national origin, ancestry, race, religion, gender, sexual orientation, gender identity and/or expression, veteran status, genetic information, or any other status protected by applicable law.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.