Description

Senior Enterprise Information Security Professional - Threat Management

Remote Job |   2022-05-25 11:00:29

Job Code : LOBLOLLY14

Senior Enterprise Information Security Professional - Threat Management
Houston, TX (Remote)
12+ month Contract


Under minimal direction, the Senior Enterprise Information Security Professional executes vulnerability, threat and incident management processes to help ensure cybersecurity risks and threats are proactively identified and addressed to maintain the protection of Client information and information systems.

Job Duties and Responsibilities:
•    Administers and maintains enterprise cybersecurity technology platforms and services
•    Executes threat management processes and outcomes to ensure proactive discovery and remediation of risks
•    Effectively communicates security vulnerabilities and risks to issue owners and assists in remediation efforts
•    Responsible for the design and implementation of enterprise-wide security solutions to address Cybersecurity needs as they are identified and prioritized
•    Projects may include Endpoint Detection and Response, Anti-Virus, Secure Remote Access, Cloud-Based Web Filtering, Office 365 security controls, Azure ATA/ATP monitoring, Security Operations Center (SOC)/Security Information & Event Management (SIEM), Data Loss Prevention (DLP) and Data Encryption/Protection for cloud storage and collaboration platforms
•    Primarily focuses on supporting endpoint detection and response solutions, threat and vulnerability management, threat intelligence monitoring and advisory, and metrics related to cybersecurity solutions
•    Performs threat detection and response based on system alerts, suspicious emails, and advanced threat analytics
•    Reviews Firewall Rule Change Requests, Requests for IP Whitelist/Blacklist, Asset Discovery Scanning, Vulnerability Scanning, Root Cause Analysis, Reporting & Remediation, and Security client gap analysis oversight
•    Works on projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments
•    Conducts independent research, analysis and stakeholder interviews to gather and document each project’s scope, requirements and dependencies
•    Works with threat management to review and communicate project security vulnerabilities and risks to stakeholders and consults on remediation efforts
•    Leads vendor evaluation, proof-of-concepts and product selection
•    Provides technical leadership and hands-on testing/engineering throughout the project lifecycle (Initiation, Planning, Execution, Control and Closure)
•    Develops documentation as necessary to support the overall delivery of Cybersecurity objectives; this includes but is not limited to: project plans, communications, executive presentations, job aids, training materials, architecture diagrams, technical reference documentation, metrics/measures packages, and Requests for Proposal/Offers (RFP/RFOs)
•    Designs, documents and implements procedures to ensure long-term health and operational support for all new platforms
•    Relates cybersecurity policies and practices to project implementation efforts related to NIST CSF
•    Demonstrates in-depth knowledge and understanding of the global threat landscape, cybersecurity trends, emerging technologies and an ability to relate them to the county and its objectives
•    May serve as a general security subject matter expert and project consultant to IT staff and other departments/agencies as necessary to support the demand for cybersecurity expertise
•    Analyzes system data to determine broad issues/trends and to determine root cause problems
•    May also participate in the evaluation and implementation of other new security solutions
•    Participates on Cybersecurity Incident Response Team (CIRT) investigation and response activities as required
•    Coaches and mentors more junior level managerial and technical staff

Requirements:
•    Associate degree or currently pursuing a degree from an accredited college or university in Information Systems, Information Assurance, Cybersecurity, Information Technology, Computer Science, or similar area of study
•    Four (4) years of progressive work experience in Information Security, Information Technology, Computer Science, or related field
•    Direct experience designing, implementing, and operating enterprise security solutions, threat management, endpoint detection and response tools and technologies

OR

•    Bachelor's degree from an accredited college or university in Information Systems, Information Assurance, Cybersecurity, Information Technology, Computer Science, or similar area of study
•    Two (2) years of progressive work experience in Information Security, Information Technology, Computer Science, or related field
•    Direct experience designing, implementing, and operating enterprise security solutions, threat management, endpoint detection and response tools and technologies

Knowledge, Skill & Abilities (KSAs):
•    Experience implementing and executing security solutions, threat and vulnerability management tools and technologies across complex, large-scale environments, all the way from project initiation to the desired end state of operationally healthy and sustainable services
•    Experience validating, analyzing and prioritizing reported vulnerability and security risks related to solution implementation and design
•    Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership
•    Exceptional leadership, verbal and written communication, and project management skills
•    Ability to confront challenges in a constructive fashion and influence others through consensus building techniques
•    Strong organizational skills, including the ability to drive adherence to cybersecurity processes and tools and to keep focus on multiple tracks of work and open issues in parallel
•    Strong technical writing, research, analysis and analytical/problem solving skills
•    A passion for cybersecurity, self-starter mentality, flexibility and willingness to take on new challenges and ability to thrive in a team environment

Preferences:
Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC) or CompTIA Security+ Certification or other relevant industry certifications

Knowledge, Skill & Abilities (KSAs):
•    Experience in threat intelligence gathering, research and analysis
•    Experience participating in Cybersecurity Incident Response Team (CIRT) activities
•    Experience consulting with business and technology partners on general security requirements and best practices
•    A broad understanding of cybersecurity concepts across all domains, applicable security models (e.g. NIST and CIS Critical Security Controls) and regulations (e.g. CJIS, PCI, HIPAA, Privacy)
•    Experience with SharePoint, PowerBI reporting, O365
•    Experience with Advanced Threat Monitoring and Vulnerability scanning tools (SentinelOne, Rapid7)
•    Experience with Endpoint Protection tools
•    Experience with Microsoft Azure Security & Compliance Center

 

Thanks,

Riyaz Khan Pathan 

Sr Technical Recruiter

 

 

1601 N Harrison Ave, STE # 2B, Pierre, SD 57501

Phone: 605-220-5981 Ext 113 | Direct: 605-776-2219 |

Email: [email protected]

LinkedIn: https://www.linkedin.com/in/riyazkhanpathan/

F: (605) 609-2010  |

W: www.my3tech.com

Certified Minority Business Enterprise (MBE)

Education

Any Graduate