Information Systems Security

Title : Information Systems Security 
Location : Sacramento, CA (Onsite)
Duration : Long Term Contract

NEED LOCALS ONLY!!

Our Highly Qualified Candidate:

The ideal candidate possesses a combination of technical knowledge, strong analytical skills, and excellent interpersonal skills with a Bachelor’s degree in computer science related. The candidate should have at least 8 years experience in the multiple roles in information security field (e.g., network security, SOC analyst, endpoint management, vulnerability management, cloud security, incident response, programming/scripting). Knowledge of control systems, security best practices, security frameworks. Specifically, the candidate is significantly experienced in the following:

Evaluating and reviewing new and upgrade technologies for security risks

Performing risk and security assessments for new proposed applications

Assist in risk and vulnerability mitigations

Developing, updating and reviewing System Security Plans

Developing and updating IRPs (business and control systems), playbooks, tabletop exercises and simulation

Incident response and coordination following Incident Command Structure when appropriate

Monitoring district assets (e.g., servers, computers, devices, networks, applications) for potential security threats and vulnerabilities

Working with technical security systems such as SIEM, firewalls, endpoint security, vulnerability management, patch management, PKI, and cloud security management

Working with security awareness and training platforms to deploy training and phishing simulations. Ensuring timely completion of training and addressing those who are repeat offenders

Presenting at security workshops (technical and nontechnical) utilizing demos, & videos when appropriate

Performing security audits, testing, and assessments with tracking identified vulnerabilities to mitigation or risk acceptance in line with the criticality..

Evaluating risk acceptance requests and providing options for mitigating controls if needed.

Using administrative tools to configure policies for enterprise security platforms.

Working with CIS Benchmarks/CIS-CAT to identify standards and those assets that are not meeting standards

Developing and testing scripts to automate security operations tasks.

Developing, deploying, and supporting security policies, standards, guidelines, and procedures to ensure ongoing security compliance.

Experienced in Cloud Security with the major cloud platform providers

Experienced and proficient in networking, Windows domain administration, PAM, DLP, MFA, SOC applications, SIEM applications

Proficient in Python, and Power Shell.

Supporting change management processes.

Working collaboratively with team members, but also able to work effectively with minimal supervision.

E:azeem.m@cssitconsulting.com