Strong proficiency and/or previous experience securing the following:Microsoft Office Suite (Traditional / Office 365)Google G SuiteMicrosoft Server PlatformsMicrosoft Endpoint PlatformsOS X/MacOSLinux: Debian, CentOSFirewalls: Palo Alto Networks, CiscoEndpoint Security: Symantec, Sentinel OneSIEM and Logging: Splunk, LogRythymDDoS: Radware, Arbor NetworksVulnerability Management: Nexpose, OpenVAS, Burp, ZAPWAF: Citrix NetScaler, ImpervaDatabases: Microsoft SQL Server, OracleDBApplication Servers: Microsoft IIS, Apache, NginxEcosystems: Microsoft .Net, Java, PHP
Contract W2, Contract Independent
Depends on Experience
Work from home not available
Travel not required
Position SummaryResponsible for support and operation of security infrastructure, monitoring systems, and reporting tools. Assists in managing security-related configurations, platform hardening, and other control systems for servers, network devices, cloud environments, and software solutions. Evaluate IT service requests for security concerns and potential issues, providing feedback to stakeholders. Integrate with IT infrastructure and application development projects to represent security concerns and initiatives. May lead small security projects related to administration efforts.
Responsibilities Contribute to the development of Information Security policies, standards and procedures. Assist operations and development teams in aligning operating procedures with information security best practices. Participate (and captain) Security Incident Response Processes.
- Participates in enterprise security Red Team program and associated tabletop activities, analyses, and drills.
- Apply internal controls and security concepts in a wide variety of information technology processes and appropriately assess the exposures resulting from ineffective or missing controls.
- Participate (and lead) enterprise vulnerability management program and associated operational processes.
- Coordinate with development teams around application security best practices, application vulnerability scanning, penetration testing, and data privacy processes.
- Serve as an internal information security consultant to business, development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape and security related regulatory issues.
- Within the area of assigned responsibilities, provides direct training to all employees, contractors, alliances, or other third parties, ensuring proper information access in accordance with established organizational information security policies and procedures
- Performs other related duties and participates in special projects as assigned.
- Bachelor degree in discipline related to functional work or role with 4-7 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience.
- Ability to solve complex problems with minimal supervision using sound logic and analytic methods.
- Excellent written and verbal communication skills with ability to state messages in a clear and concise manner that is understandable by both technical and non-technical teams.
- Must be able to proactively listen to others to understand issues and situations. Must be able to clearly articulate business needs to both internal and external customers.
- Strong proficiency and/or previous experience securing the following:
- Microsoft Office Suite (Traditional / Office 365)
- Google G Suite
- Microsoft Server Platforms
- Microsoft Endpoint Platforms
- OS X/MacOS
- Linux: Debian, CentOS
- Firewalls: Palo Alto Networks, Cisco
- Endpoint Security: Symantec, Sentinel One
- SIEM and Logging: Splunk, LogRythym
- DDoS: Radware, Arbor Networks
- Vulnerability Management: Nexpose, OpenVAS, Burp, ZAP
- WAF: Citrix NetScaler, Imperva
- Databases: Microsoft SQL Server, OracleDB
- Application Servers: Microsoft IIS, Apache, Nginx
- Ecosystems: Microsoft .Net, Java, PHP
- Previous experience leading sensitive investigations.
- Previous experience with customer and business-facing communication.
- Previous experience presenting in front of large groups and/or to executive leadership
- Previous experience with the concepts of application security (AppSec) including basic control structures and threats. Application vulnerability management and/or penetration testing a plus. RRD is an EEO/AA including Vets and Disabled Employer
Login & Apply