Coordinate and execute security policies and controls, as well as assess vulnerabilities within a company. They are responsible for data and network security processing, security systems management, and security violation investigation.
Additional job details and special considerations
Supports the TIERS Learning Center and Operations by applying Information Security threat intelligence to identify and exploit vulnerabilities within different environments. On a daily basis you will perform analysis of on-prem and cloud security and monitor security operations including security architecture reviews. Our ideal candidate understands regulatory requirements, has in-depth knowledge of industry standards and trends, and is proficient with the latest cybersecurity software.
II. CANDIDATE SKILLS AND QUALIFICATIONS
Minimum Requirements:
Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.
Years
Required/Preferred
Experience
8
Required
Responsible for implementing security measures to protect computer systems, networks and data. Information security analysts are expected to stay up to date on the latest intelligence, including hackers’ methodologies, in order to anticipate breaches.
8
Required
Responsible for ensuring all networks have adequate security to prevent unauthorized access. Also must ensure that all security systems are current with any software or hardware changes in the company.
8
Required
Conduct application security assessments using off-the-shelf or internally developed tools. Also produce and deliver vulnerability and exploit information to clients in the form of a professional security assessment report.
8
Required
Orchestrate calls to include, but not limited to project kick-off calls, notification of high/critical findings during the testing process, and close out calls to review test findings, evidence, process steps to reproduce, and remediation recommendations.
8
Required
Perform proactive research to identify and understand new threats, vulnerabilities and exploits. Perform procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
8
Required
Extensive experience with working with and implementing NIST 800-37, NIST 800-53, MARS-E controls, POA&Ms, and developing Corrective Action Plans.
8
Required
Prepare impact assessment reports that document security breaches and the extent of the damage caused by the breaches. Create standard operating procedure documents in adherence to security policies and standards.
8
Required
Review violations of computer security procedures and discuss procedures with HHSC/TIERS Security team. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.
8
Required
Skilled information technology professional with advanced experience developing and implementing IT policy, standards and procedures.
6
Preferred
Ability to prepare concise written reports appropriate to the audience. Ability to communicate effectively verbally and in writing.
6
Preferred
Experience working with Archer GRC, Dynatrace, Splunk, Imperva Web Application Firewall, Qualys and MS Office tools.
4
Preferred
Conduct research to recommend security enhancements and purchases of new security tools.
3
Preferred
Ability to training staff on network and Information Security procedures, processes and information safeguarding.
Job Type: Contract
Pay: $50.00 - $60.00 per hour
Experience level:
- 9 years
Experience:
- implementing security measures to protect computer systems: 9 years (Preferred)
- implementing NIST 800-37, NIST 800-53, MARS-E controls: 9 years (Preferred)
- Information Security Management: 9 years (Preferred)
Work Location: Remote