Job summary:

Job description:

*** Very long term project; initial PO till 6/30/2021 but expected to go for 3+ years ***  37.5 hours per week *** ***Webcam interview; initial remote due to covid then onsite ***

Product Specialist 6, Core

Information Security Consultant

Key Skill Areas: System/Network/Application Security, Vulnerability Management, Incident Response

Key Responsibilities:

• Technical Consultant
• The Contractor will act in the role of Information Security Engineer, supporting security operations. This role reports directly to the Chief Information Security Officer (CISO).
• Provide a first line of response for daily cybersecurity activities and inquiries from IT and business personnel.
• Technical Lead for Third Party Risk Management (TPRM)
• Critically review vendor cybersecurity assessment/scan reports and TPRM questionnaires.
• Conduct oversight of critical vendors. Identify security issues and track to closure.
• Technical Lead for Cloud Security
• Identify processes and controls to monitor vendor cloud environments to maintain risk transparency. This includes security configurations, vulnerabilities and suspicious activity.
• Identify processes and controls to identify and mitigate risk within cloud implementations. 
• Technical Lead for Threat and Vulnerability Management
• Evaluate cybersecurity advisories, communicate internally and influence vulnerability remediation.
• Facilitate remediation of cybersecurity issues. Track to closure.
• Improve processes to reduce Mean-Time-to-Remediate vulnerabilities and Adversary Dwell Time.
• Recommend process and controls to mitigate adversary Tactics, Techniques and Procedures (TTPs).
• Technical Lead for Monitoring and Incident Response
• Enhance log/event centralization and monitoring via Security Information and Event Management (SIEM) software.
• Evaluate existing Security Operations Center (SOC) monitoring services and make recommendations for improvement.
• Review SIEM analysis reports and alerts. Investigate suspicious activity. Participate in incident response activities.
• Provide after-hours support coverage.
• Act as an Information Systems Security Officer (ISSO)
• Support deployment and administration of PSERS security devices and software.
• Coordinate and support cybersecurity assessments by external firms.
• Communicate security standards requirements within project and change advisory board meetings.
• Work with employees to document risk register entries.
• Draft custom role-based security awareness content.
• Design and implement enhanced security metrics and reporting. 
• Contribute to strategic planning and annual goals for the cybersecurity program.
• Assist with yearly IT audits
•  

Required Skills

• 10 years experience
• Excellent organizational, time management and problem-solving skills
• Ability to communicate security concepts to technical and non-technical audiences
• Experience in an information security role
• Deploying and supporting Microsoft Windows Active Directory and supporting infrastructure (policy, DNS, PKI) in a large Active Directory environment
• PowerShell, writing scripts for automation, system administration
• Expert level knowledge - hands on experience: deploying Azure services in IaaS and PaaS cloud services
• Azure and AWS cloud security experience - nice to have
• Hands-on experience with security devices and software
• Infrastructure security experience, including system hardening
• Vulnerability Management experience, including executing scans
• Application security experience

Contact the recruiter working on this position:

The recruiter working on this position is SriRam Chimata(Shaji Team)
His/her contact number is +(1) (202) 7384242
His/her contact email is sriram.chimata@msysinc.com

Our recruiters will be more than happy to help you to get this contract.