Security Network Engineer

Description EXECUTIVE SUMMARYOur client is seeking consulting services to review and optimize its current security toolset. The client's goal for this effort is to understand the full set of security tools in place within its on premise and cloud environments, how those tools are implemented and configured, and how the organization is currently leveraging the available tooling capabilities. Efforts will also focus on tool effectiveness and maturity against the NIST standards required to meet the client's security objectives. It will also provide recommendations for optimizing the toolset, including a review of tooling costs, and contract licensing renewals as time permits and if details are made available by the client.The ultimate goal is to determine tooling capability duplications that provide for tool consolidation and improvement, and cost optimization opportunities. Output from this effort will be leveraged to refine requirements and scope for follow on vulnerability management and penetration testing program development efforts. ACTIVITIES

Discovery and Documentation Review

a. Review Existing Tool Inventory i. On-premises ii. cloud-based tools b. Inventory Updates i. Discover additional tools in use in the environment through interviews and artifact inspection c. Capture any infrastructure, application and data architecture and inventory for the client.

Capture Tool Implementation and Configuration

a. Review and document how each security tool is implemented and configured in the environment. b. Detailed analysis of the tool's settings and policies

Tool Capability Assessment

a. How client is currently leveraging available capabilities of each security toolb. Identify areas where additional capabilities could be used

Tool Effectiveness Assessment

a. Assess effectiveness of current security toolset against client's security objectivesb. Analysis of tool configuration settings, policies, and procedures to ensure they are optimized for the client's security goals

Tool Maturity Assessment

a. Assess the maturity of the security toolset against industry best practices and maturity models, such as the NIST Cybersecurity Framework

Infrastructure, Application and Data Architecture Assessment

a. Assess the details of the client's architecture and on-prem versus cloud computing environment (for future Vulnerability Management and Penetration Testing activities)

Control Objective Mapping

a. Map the tooling control objectives to NIST standards to identify gaps or overlaps in the toolset b. Identify areas where additional capabilities could be used to enhance the client's security posture.

Tooling Recommendations

a. Provide recommendations for optimizing security toolset to better meet security objectivesi. Changes to tool configurationii. Policies and proceduresiii. Suggestions for new tools Requirements DELIVERABLES Updated Security Controls/Technology Inventory Executive Report detailing high level findings of functional and operational deficiencies (PowerPoint format) Technical Report detailing technical deficiencies, and redundancies (Excel format) Executive Presentation - Strategy Aligned Security Controls Technology Review (PPT and presentation if desired) Draft System Security Plan (SSP) to document the environment and initial inventory (Word) Security Control/Technology Roadmap (Excel) Security Control/Technology Impact Analysis (Word or Excel) Discovery report to inform Vulnerability Management and Penetration Testing Program Development effortsTechnology Doesn't Change the World, People Do.® Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.Robert Half puts you in the best position to succeed by advocating on your behalf and promoting you to employers. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity – even on the go. Download the Robert Half app (https://www.roberthalf.com/mobile) and get 1-tap apply, instant notifications for AI-matched jobs, and more.All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.© 2023 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/terms-of-use) .