06 Jul
Information Security Analyst- Subject Matter Expert
Maryland, Baltimore , 21201 Baltimore USA

Vacancy expired!

Senior Security SME

Onsite (Crownsville, MD, Baltimore, MD and/or Glen Burnie, MD)

s/ Green- card Holders onlyWe’re looking for an Information Security Engineer who is highly analytical but still has great collaboration, organizational, and client-handling skills. Someone who enjoys staying current with industry trends on security frameworks and systems, and developing their skill set to keep pace. Our ideal new teammate has a natural, logical approach to problem-solving, sees the connections, and takes the time to make the right decisions – although that timeline is usually pretty fast.Our new teammate will join our team to assess vulnerabilities within our client environment and ensure that our client’s technology infrastructure is well-protected.You can expect to spend your time accomplishing the following:
  • 30% of time on Objective 1: Information Security (InfoSec) Policies and Best Practices.
  • 30% of time on Objective 2: InfoSec vulnerability and risk assessments along with recommendations.
  • 30% of time on Objective 3: InfoSec implementation and continuous improvement.
  • 10% of time on Objective 4: Continuous development of personal and organizational cybersecurity knowledge.

Job Responsibilities –
  • InfoSec Policies and Best Practices
o Ensure the protection of our client’s data and information by defining and developing InfoSec policies, requirements, and vulnerability management processes.o Properly document all InfoSec implementations, operations, and maintenance activities, and update processes and records as necessary.o Appropriately establish policies for multiple levels of data security sensitivity with tiered security protocols and commensurate vulnerability and risk assessments.
  • InfoSec vulnerability and risk assessments along with recommendations
o Routinely perform InfoSec reviews, identify gaps in InfoSec architecture, and develop an InfoSec risk management plan.o Provide InfoSec cybersecurity recommendations for the system, system component, or app-level security changes to leadership based on significant threats and vulnerabilities.o Routinely monitor and scan for vulnerabilities across systems and applications utilizing InfoSec best practices.o Thoroughly assess and monitor the InfoSec cybersecurity environment related to new system implementation and testing practices.
  • InfoSec Implementation
o Confidently implement InfoSec cyber measures and countermeasures to resolve vulnerabilities and mitigate risks while adhering to established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.o Rapidly and professionally work with stakeholders to resolve InfoSec incidents and vulnerabilities.o Assign data/information sets to appropriate tiers based on analyzing the sensitivity of information set(s) and level(s) of security needed.o Routinely analyze and report on InfoSec system and organizational security posture trends.
  • Implement organizational (and your) InfoSec knowledge, tools, and techniques that facilitate interoperability and automation of the vulnerability management process.
  • Create a plan to replace outdated or EOL assets by performing a vulnerability and risk assessment based on defined severities and information flows against all software and hardware.
  • Other duties as assigned by management.

Knowledge & Expertise
  • B.S. degree in Cybersecurity, Information Systems, preferred; Other related field or equivalent work experience accepted.
  • 8+ years of work experience in information security required.
  • CompTIA Security+ or equivalent certification required.
  • Demonstrable knowledge and experience in applications (we want you to know about and have hands-on experience):
o Computer networking concepts and protocols, and network security methodologies.o Cybersecurity, privacy principles, cyber threats, and vulnerabilities, and how to use network analysis tools to identify vulnerabilities.o Risk management processes (e.g., methods for assessing and mitigating risk) and vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • Proven ability to:
o Apply cybersecurity and privacy principles to organizational requirements including confidentiality, integrity, availability, authentication, and non-repudiation.o Assess security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). Thank you,

Mayuri SharmaSenior Talent Acquisition8825 Stanford Blvd., Suite 205Columbia, MD 21045Mobile:www.GlobalAlliantInc.com

Vacancy expired!


Related jobs

Report job