"Security Consultant"
krg technologyJob Description
Job Description:-
- Able to evaluate, implement and manage security solutions.
- Able to lead security projects and cross functional project teams.
- Able to implement and manage security policies, procedures and incident response strategies.
- Protects against unauthorized access, modification, or destruction of information assets.
- Works with end users to determine needs of individual departments.
- Hands on experience in Azure or AWS Security
-Ability to setup monitoring of security events in cloud
-Conduct Access Control review of applications database and OS on cloud
-Hands on experience in Cloudera security or Hadoop Security
- Implements policies or procedures, and tracks compliance.
- Familiar with a variety of Information Security concepts, practices, and procedures.
- Security tool system administration
- Functions as a system (or backup) administrator for 4 or more security tools.
- Makes recommendations to improve the functionality of the security tools to improve security posture and/or customer experience.
- Identify unsuccessful and successful intrusion attempts by reviewing and analyzing security events logs and event summary information.
-Conduct third party security or audit
- Ensure the integrity and protection of networks.
- Monitor logs for potential, successful and unsuccessful intrusion attempts.
- Communicate intrusions and compromises to team leaders.
- Monitor and investigate alerts, determining root cause and appropriate mitigations.
- Works with end users to determine needs of individual departments, implementing policies or procedures.
- Able to serve as a subject matter expert on security projects/initiatives.
- Works under general supervision.
- Work as part of a team to lead elements of larger security projects.
- Through various consultative methods (PER process, meetings, service requests, etc.) work with our customers to review their requirements and access the overall security.
- Provide recommendations to improve security while achieving the business goal.
- Understand that we must enable the business while securing it.
- Conduct risk/vulnerability analysis on projects/new technology, providing remediation steps as appropriate.
- Stay current on threats affecting the industry as a whole; provide recommendations to address as appropriate.
- Stay current on emerging technology and provide recommendations on how MH could use this technology to improve security.
- Incident Response
- Keeps management advised during the incident.
- Creates appropriate documentation of the incident including lessons learned and ways to minimize a repeat incident.
Qualifications:
- BS in IT, Computer Science, Management Information Systems or equivalent degree preferred. Work experience may be substituted.
- At least 10 years of IT experience with at least 5-7 years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing.
- Security certification desired (e.g., CISSP, ISSMP, ISSAP, GIAC, CEH)
- Proven experience and knowledge of IT Security regulations and standards, especially in HIPAA/HITECH and PCI-DSS.
- Proven experience and detailed technical knowledge in:
- endpoint security and protection
- server security and protection
- data loss prevention
- network security engineering
- deploying intrusion detection/prevention tools
- authentication and security protocols
- security event correlation
- web security gateways
- vulnerabilities and remediation techniques
- application and OS patch management and remediation
Mandatory: LinkedIn presence and for verification share 2 good references from your last two projects.
If you are not interested in the role or if now isnβt a great time for a move, just let me know if I can help in the future.
Thanks for your time,
Additional Information
All your information will be kept confidential according to EEO guidelines.