Information Security Officer
Ref No.: 18-06056
Location: Santa Clara, California
 Responsibilities:
  • Own day-to-day security events, perform incident response using NIST SP 800-61 standards, and determine root causes
  • Create and lead security initiatives that reduce risk as well as automate detection and protection mechanisms
  • Identify needs and implement comprehensive security controls using multi-layered security and defense in depth
  • Collaborate with all operations teams to ensure security controls and configurations are implemented and incorporated in their ongoing operations
  • Server security through vulnerability management, system patching and secure configuration
  • Network security through segmentation and firewall zoning and ACL policies, as well as secure configurations in firewalls, routers, switches, VPNs and load balancers
  • Endpoint security management to prevent malware and insider threats
  • Email security through spam filtering and use of SPF & DMARC
  • Application security based on OWASP Top 10
  • Monitor SIEM, IPS, event logs and reports for indicators of attack and indicators of compromise
  • Proactive client involvement in solving client challenges and business opportunities
  • Contribute quarterly security advisories for the Security Awareness Program
  • Keep security plans and documentation updated, such as the disaster recovery plans and security policies
  • Continuously mature the GRC program
  • Governance: Collaborate with client stakeholders and steering committees to ensure plans and identified solutions meet business needs and expectations.
  • Risk: Working with stakeholders to perform risk management and ongoing assessments, and then selecting mitigating and corrective controls based on Pareto analysis
  • Risk: Reviewing SOWs and RFP responses to assess risks
  • Risk: Collect, analyze, and validate open source intelligence
 Skills: 
  • Client engagement soft skills are required 
  • The ability to present and explain security and risk information for business executives to understand 
  • The ability to lead people of various levels and technical expertise 
  • The ability to prioritize and persuade in order to move the security program forward amongst competing initiatives 
  • Experienced with security solutions (e.g. firewall, VPN, SIEM, IPS, URL filtering, Endpoint protection, MFA, NAC) 
  • Strong understanding of NIST 800-53 & CSF, risk assessment and incident response standards 
  • Strong understanding of Microsoft Active Directory, GPOs, Windows DACL/SACL, and Linux 
  • Strong understanding of protocols, such as IPsec, ESP, GRE, SSL/TLS, 802.1x, RADIUS/TACACS, HSRP, GSLB and WCCP 
  • Ability to perform and analyze packet captures 
  • Ability to analyze suspicious emails, URLs, and files to ascertain if they are malicious 
  • Knowledge of hacking techniques, vulnerability disclosures, and security analysis techniques 
  • Knowledge of malware families, botnets, threats by sector, attack campaigns and attack methods 
  • Scripting language such as PowerShell or Perl
  • Familiarity with incident tracking, change management and project tracking systems like ServiceNow and Jira