Information Security Manager
Our Direct Client is seeking an experienced, full-time, on-site, dedicated Candidate with the skills and expertise described in the requirements below.
Client is seeking an Information Security Manager who serves as a liaison between IT architects and information security teams and also coordinates with information system owners and common control providers on the allocation of security controls as system-specific, hybrid, or common controls. In addition, the Candidate, in close coordination with information security officers, advises authorizing officials, the chief information officer, and senior IT and security staff on a range of security-related issues including establishing information system boundaries, assessing the severity of weaknesses and deficiencies in the information system, plans of action and milestones, risk mitigation approaches, security alerts, and potential adverse effects of identified vulnerabilities.
Required Skills and Experience:
Required 5 years - Proven work experience in security architecture, demonstrating solutions delivery, principles and emerging technologies - designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions.
Required 5 years - Experience consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements
Required 5 years - Proven expertise in security considerations of cloud computing: This includes data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks
Required 5 years - Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
Required 5 years - Knowledge and experience working with relevant National Institute of Standards and Technology (NIST) standards
Required 5 years - Knowledge and experience working with ISO27001 – specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization’s risk management
Required 5 years - Experience delivering/managing Identity and access management (IAM) solutions – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources
Required 5 years - Experience working with security management tools (e.g., vulnerability scanners, file integrity monitoring, configuration monitoring, etc.) and perimeter technologies (e.g., routers, firewalls, web proxies and intrusion prevention, etc.)
Required 5 years - Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. CIS Baselines, NIST, vendor security technical implementation guides, etc.)
Required 5 years - Strong awareness of networking and internet protocols, including TCP/IP, DNS, SMTP, HTTP and distributed networks
Required 5 years - Knowledge of web services, API, REST and RPC
Required 5 years - Ability to resolve complex security issues in diverse and decentralized environments; to learn, communicate, and teach new information and security technologies; and to communicate effectively
Required 5 years - Excellent communication and organizational skills, and the ability to stay focused on completing tasks and meeting goals within a busy workspace
Required 5 years - Extensive skill in effective verbal and written communications with other computer professionals, clients, and stakeholders
Required 5 years - Knowledge of software development life cycle methodologies
Required 5 years - Ability to analyze and problem solve
Required 5 years - Ability to establish and always maintain effective and professional working relationships with others in the course and scope of conducting business
Required 5 years - CISSP-ISSAP or equivalent certification
Required 5 years - Ability to obtain required certification within 6 months and maintain approved baseline certification for position (i.e. CISSP-ISSAP or equivalent)
Required 4 years - Graduation from an accredited four-year college or university with major coursework in information technology security, computer information systems, computer science, management information systems, or a related field is generally preferred.
Preferred 1 year - GSEC, CEH, CISA, CCSP desired
Preferred 1 year - Certification as an AWS Solutions Architect, Cloud Security Certification, and/or OpenStack Administrator Certification a plus. (Other cloud-related certifications are also a plus.)