Эта вакансия уже завершена
Primary Duties:
- Leading Vulnerability Management process in a corporate environment
- Participate in and assist with audits of information security program (SOX, GDPR, SOC2, HITRUST)
- Monitor for, triage, and track remediation of vulnerabilities in our systems and networks
- Conduct routine log review of information security events, investigating and responding as necessary
- Maintain and enhance monitoring capabilities to ensure the integrity of our systems and networks
- Act as a core member of the Incident Response Team, triaging, responding to, and reporting incidents and associated metrics
- - Additional Roles and Responsibilities
- Conduct routine log review of information security events, investigating and responding as necessary
- Maintain and enhance monitoring capabilities to ensure the integrity of our systems and networks
- Act as a core member of the Incident Response Team, triaging, responding to, and reporting incidents and associated metrics
- Administer and maintain security products (phishing training, vulnerability management, SIEM, IDS, EDR, etc)
- Coordinate and participate in external assessments of our information security (risk assessment, penetration test, incident response tabletop)
Required Skills
- Familiarity with vulnerability management concepts, such as CVE and CVSS
- Strong knowledge of endpoint and server operating systems (e.g. Windows, macOS, Linux) and relevant security risks, controls, and vulnerabilities
- Strong knowledge of network and network security fundamentals
- Familiarity with enterprise security tools (antivirus, firewalls, email monitoring, two-factor authentication, SIEM, IDS/IPS, etc.
- Knowledge of and experience with compliance/remediation efforts of relevant domestic and international security standards and best practices such as FedRAMP, SOX, SOC2, NIST, GDPR, and HIPAA
- Familiarity with cloud computing environments and applications in a security context is strongly preferred
- Ability to quickly change priorities and handle simultaneous tasks
- Excellent oral and written communications- Education / Pre-requisites- 3-5 years experience in an information security field
- BS degree in Computer Science, Cyber Security, Information Technology (or related discipline)
- Graduate degree in Information Assurance (or related discipline) or equivalent formal training and experience in Information SecurityCISSP or GIAC certifications preferred