Jobe Details

IT Risk and Security Specialist Posted on: 05/01/2019

Infinity Consulting Solutions, Inc
  • 5 to 7 Year(s)
  • -
  • NEW YORK-10014, NY, US

VMware Certified

  • Job Description


    IT Risk and Security Specialist


    Under the direction of the IT manager, he/she should:

    Be responsible for branches’ IT compliance with all related rules, regulations, guidance from regulatory entities or committee such as OCC, FFIEC and other applicable regulatory requirements by conduct periodic reviewing, analysis and implementing the recommendations, new publish or alerts from regulatory entities.

    Be responsible for evaluating and drafting the policies, procedures and standard to meet the regulatory requirements.

    Be responsible for monitoring branches’ IT operations and activities to comply with internal policies, procedures and standard, reporting of IT risk profiles and status, proposing and implementing IT risk mitigation actions.

    Be responsible for developing, enhancing and implementing IT risk management program including identification, measurement, assessment, mitigation and monitoring.

    Assist IT manager to oversee and manage in the aspects of IT governance, system operation, information security, network and infrastructure maintenance, software acquisition, third party management, incident response, BCP and Contingency Plan, and project management.

    Assist IT manager to communicate and coordinate with the U.S. regulators or examiner, internal and external auditors to ensure the concerns of examiner or auditor can be fully understand and addressed.

    Act as the Key resource for disaster recovery design, planning and execution for standing up strategic virtual workloads at the DR site using Veeam ahead of the upcoming data center move to a co-location facility.

    Lead Virtualization infrastructure DRP improvements, implementation and testing to ensure compliance to standard procedures and regulatory requirements.

    Provide escalation technical support and issues resolution of Windows-based servers and
    MS Active Directory environments. Support group policy creation and deployment across domains.

    Ensure team is complying with patching standards for IT Infrastructure along with Windows servers and Network Devices across the enterprise.

    Interact with business and local technical resources to ensure their understanding and participation, as needed, in upcoming changes

    Participate in Change Management and Problem Management.


    Good knowledge in IT management, IT risk management framework, IT risk assessment and testing, cyber security, third party management, IT operation, inventory and patch management, BCP, incident response, and etc.

    More than 10 years of professional experience in IT management, IT risk management, IT compliance risk assessment and testing, cyber security, third party management, and etc.

    Rich experience in communicating with regulators of OCC, Client and implementing the corrective action plan for regulator’s concerns with satisfactory results.

    Familiar with the regulation, laws and regulatory guidance related to IT such as OCC guidance, Client, NIST, FFIEC, COBIT5, and etc.

    10+ years’ experience in virtualization/virtual system administration in a VMware environment. Substantial experience with VMWare 6.0 strongly preferred. Experience should include designing, implementing and managing multiple virtual environments and switch route vlans. VMware Certified Professional (VCP) or VMware Certified Advanced
    Professional (VCAP) strongly preferred.

    5+ years in using Veeam to create and maintain robust Backup and Recovery capabilities that deliver backup, recovery and replication for VMware environments, applications and data, Substantial experience with Veeam 9.0 or better strongly preferred.

    Experience in Data Center moves that involved using Veeam and/or DR tools as part of the data and infrastructure move activities is preferred.

    Experience in executing a DR Strategy in a real-world situation is a plus.

    Strong knowledge of Microsoft server 2003/2008/2012. Experience with Microsoft AD environment, MS Exchange Mail System. Must be knowledgeable of shares, folders and
    permissions. MCSE and MCITP certifications preferred.

    5+ years’ experience with storage architecture and administration. Knowledge of EMC, Dell Equallogic is preferred

    5+ years of expertise in implementing, administering, and troubleshooting network infrastructure devices, including: firewalls, routers, switches,, and monitoring applications

    Excellent people skills with ability to handle difficult personnel situations. Ability to establish rapport with business and technical resources. Ability to communicate effectively with technical and non-technical audiences.

    Have strong written and oral communication skills in English and Mandarin, and be self-motivated and with strong responsibility.

    Hold professional certifications of CISSP, CISA, ISACA is a good plus.

  • Security Operations
    Information Technology
  • No Preference
    Contract Only
  • Candidate Requirements
  • Walkin Information
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US
Advertise with Us,