For this contract assignment, your efforts will help the Threat & Vulnerability team, within the Information Security organization. Intermediate Information Security Analysis skills are essential. You will be expected to use various software tools to perform vulnerability scanning, helping to organize, rate, follow-up and report on various software vulnerabilities discovered throughout our assets, assist in assessing vulnerability patching, and penetration testing criteria setup.
In addition, you will be expected to understand various compliance regulatory requirements such as Payment Card Industry (PCI), New York Department of Financial Services (NYDFS) and others and help to rate and determine if we are in compliance. A strong understanding of security risk assessment/ evaluation is critical. You will also work/partner with the various IT and business units.
location: Cleveland, Ohio
job type: Contract
salary: $48 - 58 per hour
work hours: 8am to 4pm
- Assist in compliance backpatching efforts/ reporting for our hardware/ software assets
- Assist in software vulnerability scanning using our tools such as Qualys software
- Assist in executing Compromise Assessment for our assets
- Assist in gathering criteria for our bi-annual compliance penetration testing
- Working knowledge of a Security Information and Event Management (SIEM) software tool
- Using the SPLUNK Dashboard Required skills:
- Soft Skills (intermediate) - You need to be proficient in communicating and working with the customer regarding the scanning process, reporting process, and troubleshooting.
- SPLUNK Software - proficient at ingesting, reporting, and running queries using the SPLUNK dashboard
- Qualys Software Scanning (entry) - You need to be proficient at running vulnerability scans using Qualys software for different types of assets
- Vendor Product Troubleshooting - You need to be proficient at troubleshooting the different issues that will arise from the customers assets
- Unacceptable Risks- You need to be able to identify and deny unacceptable risks. You will need to issue the correct email templates and reports to the customer as supporting evidence.
- At least ONE Security certification, such as Comp TIA Security+ or CISSP, etc. Preferred skills and Experiences:
- Qualys Software Scan Troubleshooting - Proficient at troubleshooting vulnerability scans for different types of assets.
- Qualys Software Report Troubleshooting - Proficient at troubleshooting vulnerability reports for different types of assets.
- Qualys Software Authentication Troubleshooting - Proficient at troubleshooting authentication issues for different types of assets.
- Python Runtime Environment - Working knowledge of how to execute python code from the command line interface
- Escalations - Ability to understand when to escalate through the chain of command when a conflict occurs due to a customer is requesting to deploy an unacceptable risk.
- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelors
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.