Job Location: Virginia(Hybrid)
Job Description:
For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry level opening.
General things to consider when screening:
Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle.
·Assess the configurations of applications, servers, and network devices for compliance with the security standard.
·Analyze and document how the implementation of new system or new interfaces between systems impacts the security posture of the current environment.
·Assess and document the security impact and risks of newly discovered vulnerabilities in the environment.
·Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management.
·Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
Skill | Required /Desired | Amount of Experience | Candidate Experience |
NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system. | Required | 5 |
|
Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc. | Required | 5 |
|
Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL. | Required | 5 |
|
Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable. | Required | 5 |
|
Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan. | Required | 5 |
|
Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation | Required | 5 |
|
IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) | Required | 5 |
|
...the Birmingham, AL area. Come join our fast-growing team as a Security Field Supervisor.The Security Field Supervisor handles the management... ...including medical, dental and vision; a 401k plan; Superior Service Awards and various Employee Recognition.Field Supervisor...
...to work that is inclusive to all. Toll Brothers , America's Luxury Home Builder, has an opportunity for a top-notch Data Governance Manager to join our team at our corporate office in Fort Washington, Pennsylvania. What is the opportunity? We are looking...
...difference in peoples lives and help strengthen your community every day. The State Farm agent opportunity is one of the best small business opportunities in America. If youre interested in running your own business, we are seeking accomplished professionals to become a...
...ability to deliver a collective scope of services, expertise and manpower. PRIMARY FUNCTIONS PRIMARY FUNCTION The Project Controls... ...(EAC) changes Develop and maintain professional services staffing plans Calculate, explain, and report variances, performance,...
...record patient responses to test stimuli.~Experience in keeping careful and thorough behavioral notes of patient demeanor during... ...towards test taking.~Working knowledge of psychological and mental health terms. ~Proficient in using computer to run software scoring...