Information Security Advisor
Information Security Advisor
Posted on :
02-12-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
02-12-2024
Job Description
Job Title: Information Security Advisor
Location: Rockville MD (onsite)
Job Description:
- This role will be primarily responsible for performing assessments of systems and networks within the network environment to identify where those systems/networks deviate from acceptable configurations or policies and for measuring the effectiveness of defenseindepth architecture against known/detected vulnerabilities as per the federal cybersecurity standards & guidelines.
- Analyze an organizations cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
- Support authorized penetration testing on enterprise network assets.
- Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions; Perform vulnerability analysis; Measure the effectiveness of controls against known vulnerabilities.
- Work with stakeholders (system administrators and owners) to manage risksvulnerabilities
- Perform technical (evaluation of technologies) and nontechnical (evaluation of people and operations) impactrisk and vulnerability assessments of relevant technology focus areas (e.g. local computing environment network and infrastructure supporting infrastructure and applications).
- Identify systemic security issues based on the analysis of vulnerability and configuration data
- Make recommendations regarding the selection of costeffective security controls to mitigate risk (e.g. protection of information systems and processes).
- Ensure remediation plans are in place for vulnerabilities identified during risk assessments audits inspections etc.; Provide clear updates to management on vulnerabilities; Investigate document and report on the status and emerging trends
- Maintain uptodate vulnerability profiles including respective detection and countermeasures
- Participate in industry task forces and working groups where appropriate to understand current and emerging vulnerabilities to stay up to date
- Minimum 8 years experience in Information Security is required along with a minimum of 4 years of handson experience in at least 4 of the following:
- Application of Risk management frameworks and processes
- Use of vulnerability management tools; AppScan Tenable Invicti ForeScout and DbProtect preferred
- Creatingimproving risk management policies procedures and operations Participating in crossfunctional efforts for managing organizationwide risks
- Conducting Penetration Tests using Kali andor CoreImpact
- Collecting organizing analyzing and reporting updates alerts advisories and bulletins
- Use of industrystandards and widely accepted analysis principles and methods
- Risk management processes (e.g. methods for assessing and mitigating risk).
- Cybersecurity principles security models organizational requirements (w.r.t. confidentiality integrity availability authentication nonrepudiation) cyber threats risks and vulnerabilities cryptography and cryptographic key management concepts host/network access control mechanisms (e.g. ACLs) network access identity & access management (e.g. PKIs) Computer networking concepts and protocols and network security methodologies. Ethical hacking principles general attack stages; Specific operational impacts of cybersecurity lapses; programming language structures and logic.
- Basic system administration network and operating system hardening techniques
Must be:
- Able to communicate verbally and in writing complex technical issues with simplicity & clarity
- Strong Interpersonal skills excellent attention to detail and analytical skills
- Able to exercise discretion and maintain confidentiality Proficient in reporting and answering analytical questions using vulnerability data
- Education/Certifications:
- Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information.
- A BA or BS degree in MIS CS or related cybersecurity discipline (Masters preferred)
- Industry standards such as CEH CRISC GRCP or related GIAC (preferred but not required)
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
