- Lead security assessments of customer systems, services, and programs, as well as provide oversight to less experienced staff.
- Analyze customer processes and configurations to verify that previously identified flaws have been corrected, and document the results.
- Develop approaches for industry-specific threat analyses, application-specific penetration tests, and the generation of vulnerability reports.
- Develop detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.
- Develop and update a consistent approach to information security programs and ensure adherence with best practices.
TYPICAL EDUCATION AND EXPERIENCE: Bachelor’s degree or equivalent and 4+ years of related experience.
- Must possess at least a Secret clearance with the ability to be granted a Top Secret clearance.
- Clearly articulates technical requirements and other information in written documentation.
- Effectively communicates technical and nontechnical concepts to a variety of audiences.
- Communicates well with customer technical staff and management.
- Methodically gathers, documents, and presents specific customer requirements.
- Follows existing processes and procedures, and propose updates to such. Develop new processes and procedures as necessary.
- Works with minimal supervision, set priorities, and give attention to detail and quality.
- Demonstrates strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills, and being able to handle stress in a professional manner.
- Demonstrates technical skills in one or more focus areas (i.e. networking, messaging support (Exchange), Active Directory, system administration, etc.).
- Be proficient with Microsoft Office.
- Have knowledge and hands on experience with IT architecture and design (e.g., firewalls, intrusion detection systems, virtual private networking, virus protection technologies, LAN/WAN design, and/or general internetworking technologies).
- Understanding of risk management practices and security program development including change management, access control, and physical security.
- Understanding of the NIST Special Publications (SP) with emphasis on 800-37, 800-53, 800-53A
- IP network and security engineering experience including a basic understanding of IP routing, quality of service mechanisms, MPLS, and IPsec architectures.
- Hands on experience configuring, deploying, and managing mission critical network appliances such as routers, firewalls, IDS/IPS, DPI, etc.
- Hands on system administraqtion experience with various operating systems including Windows, AIX, BSD, z/OS, RHEL, SUSE, HPUX, QNX, etc.
- Hands on system administration experience with DB2, MS SQL, Oracle, Sybase, etc.
- Experience with various programming languages.
- Experience with system development lifecycles (SDLCs).
- Experience with change management processes.
Job Type: Contract
Salary: $45.00 /hour
- Information Security: 4 years
- networking/messaging support (Exchange)/Active Directory: 4 years
- NIST Special Publications (SP): 4 years
Required license or certification:
- Secret Clearance