Sr Business SME2 (Infosec/Cyber Sec)
The Information Security Consultant is a vital member of the Information Security Office, implementing policies and providing consultation on a number for security matters. The candidate will help implement the security controls to strengthen the security posture for our client. The candidate must have strong security knowledge about how the security tools fits into the broader security program. The candidate will work with multiple parties to establish processes and implement measures to support the protection of the network and devices. This position will advise the Chief Information Security Officer on policies and work independently on security assignments. This position will work directly with the Chief Information Security Officer. This position will work with other information security resources and managers to address security architecture, monitoring and responding to incidents, application testing, data collection, and projects.
• Expertise understanding security architecture and design based on industry best practices
• Expertise understanding security tools and all its features in order to effectively use the tools to monitor and contain security threats.
• Expertise understanding in building and analyzing security controls and best practices.
• Ability to work independently and with a team in establishing rules/policies.
• Assist in implementing security solutions within our infrastructure.
• Ability to effectively work with members on the security team to document polices, processes, and provide analysis reports.
• Ability to lead and assist in security incidents to recognize and contain common attack vectors such as, recon scans, botnet, malware, command and control activity (C2), worms, trojans, and viruses.
• Ability to use correlation tools such as log aggregation tools or a SIEM for analysis
• Expertise security knowledge in designing, implementing, administering, and troubleshooting infrastructure devices, including firewalls, routers, switches, servers, wireless access points and controllers, and monitoring applications.
• Extensive knowledge and experience in risk management and project management practices.
• Previous government experience and interacting with multiple business lines and technologies to address desired outcomes.