Title : Information Systems Security
Location : Sacramento, CA (Onsite)
Duration : Long Term Contract
NEED LOCALS ONLY!!
Our Highly Qualified Candidate:
The ideal candidate possesses a combination of technical knowledge, strong analytical skills, and excellent interpersonal skills with a Bachelor’s degree in computer science related. The candidate should have at least 8 years experience in the multiple roles in information security field (e.g., network security, SOC analyst, endpoint management, vulnerability management, cloud security, incident response, programming/scripting). Knowledge of control systems, security best practices, security frameworks. Specifically, the candidate is significantly experienced in the following:
Evaluating and reviewing new and upgrade technologies for security risks
Performing risk and security assessments for new proposed applications
Assist in risk and vulnerability mitigations
Developing, updating and reviewing System Security Plans
Developing and updating IRPs (business and control systems), playbooks, tabletop exercises and simulation
Incident response and coordination following Incident Command Structure when appropriate
Monitoring district assets (e.g., servers, computers, devices, networks, applications) for potential security threats and vulnerabilities
Working with technical security systems such as SIEM, firewalls, endpoint security, vulnerability management, patch management, PKI, and cloud security management
Working with security awareness and training platforms to deploy training and phishing simulations. Ensuring timely completion of training and addressing those who are repeat offenders
Presenting at security workshops (technical and nontechnical) utilizing demos, & videos when appropriate
Performing security audits, testing, and assessments with tracking identified vulnerabilities to mitigation or risk acceptance in line with the criticality..
Evaluating risk acceptance requests and providing options for mitigating controls if needed.
Using administrative tools to configure policies for enterprise security platforms.
Working with CIS Benchmarks/CIS-CAT to identify standards and those assets that are not meeting standards
Developing and testing scripts to automate security operations tasks.
Developing, deploying, and supporting security policies, standards, guidelines, and procedures to ensure ongoing security compliance.
Experienced in Cloud Security with the major cloud platform providers
Experienced and proficient in networking, Windows domain administration, PAM, DLP, MFA, SOC applications, SIEM applications
Proficient in Python, and Power Shell.
Supporting change management processes.
Working collaboratively with team members, but also able to work effectively with minimal supervision.
Bachelor’s degree in computer science