Jobe Details


Information Security Analyst Posted on: 06/04/2019

Infinity Consulting Solutions, Inc
  • -
  • -
  • HICKORY-28602, NC, US

MS PowerPoint, interpersonal skills

  • Job Description

    INFORMATION SECURITY ANALYST

    HICKORY, NORTH CAROLINA

    6 MONTH ASSIGNMENT + OPPORTUNITY FOR FULL TIME

    Openings: 1

    ICS is hiring for an individual contributor supporting the continual maintenance and improvement of an Enterprise Vulnerability Management program and related processes.

    The position will work collaboratively with the corporate business groups to ensure a consistent and integrated approach is applied to Vulnerability Management and Forensics which aligns to the overall business mandate.

    As a representative of Enterprise Information Security (EIS) the position supports the appropriate design, implementation, and/or execution of the Risk Management, Vulnerability Management and Digital Forensic Functions.

    This position requires strong technical skills, tenacious individual with strong communication, problem-solving, relationship and consensus-building skills and a high degree of personal initiative and attention to detail.

    WHAT YOU’LL DO:

    Serve as a trusted advisor for security risk management and vulnerability management functions for information security

    Perform routine risk related security assessments encompassing engagement activities, intelligence gathering, threat modeling, vulnerability analysis, exploitation and reporting

    Provide support for risk assessment, vulnerability analysis, risk mitigation, and digital forensic investigations

    Assist with information system security vulnerability scanning to Client and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components

    Perform compliance management activities by analyzing implementation of configurations and hardening configurations for networks, operating systems, applications, databases, and other information system components

    Engage with stakeholders, to include IT professionals, management, and auditors to facilitate vulnerability discovery and remediation

    Communicate security and compliance issues in an effective and appropriate manner

    Recommend and validate appropriate remedial actions to mitigate risks and ensure information systems employ the appropriate level of information security controls

    Assist in development and implementation of information security vulnerability management policies, procedures, and standards based on National Institute of Standards and Technology (NIST) 800-53 standards, best practices, and compliance requirements.

    WHAT YOU’LL NEED:

    Bachelor’s degree in a related curriculum and 3-5 years related experience

    Information security experience with focus on vulnerability management, penetration testing and/or forensic investigations preferred

    CISSP, CRISC or CISM preferred

    Familiar with risk and control frameworks, and process improvement models (e.g. PCI DSS,
    NIST RMF, HIPAA, ISO 27002, ITIL, PTES)

    Prior experience working with diverse, cross-functional, cross-departmental projects, and technologies

    Well-rounded understanding of technology, operations, and key business processes

    Strong interpersonal skills and excellent written and verbal communication skills

    Intermediate to advanced proficiencies with MS Excel, MS Word, and MS PowerPoint

    Demonstrates a high degree of ethics; instills trust and credibility

    Effectively identifies, collaborates, and maintains relationships with relevant stakeholders

    Portrays strong facilitation, negotiation, and conflict resolution skills

    Translates requirements and risk concepts into relevant and understandable terms

    Manages individual workload to deliver with excellence on simultaneous projects and
    priorities; each with tight schedules

    Familiarity with vulnerability exploitation concepts

    Experience with Penetration Testing Execution Standard (PTES)

    Experience with industry standard vulnerability scanning tools

    Experience with E-Discovery, Legal Holds, and handling of Forensic Data/Evidence is
    preferred

  • Security Analyst
    Information Technology
  • No Preference
    Contract Only
    Other
    1
  • Candidate Requirements
    -
    Bachelors
  • Walkin Information
    -
    -
    -
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US
- 
Advertise with Us,

Size:120X120