Urgently Hiring
Easy Apply
Essential Jobs
Industry 0

12708 222 Consulting Firm Jobs


    Information Security Consultant

    TSR Consulting Services, Inc.
    Alpharetta, GA 30009
    Full-time, Part-time
    Refer friends, get paid!

    Job Description

    TSR is a premier National U.S. Staffing company with over 50 years of staffing excellence. Our client, a Global Professional Service Firm, is looking for Information Security Consultant for Federal Government Client Remote Long Term Contract Top 5 skills Experience as a Security Controls Assessor (SCA) Deep technical knowledge full understanding of security for the technology stack. Security of applications, infrastructure, network, desktop, access security, mobile, cloud security is a plus, Azure cloudsecurity is even better, etc. Deep technical experience interpreting NIST 800-171 and NIST 800-53 controls. This includes activities like documenting SSP (System Security Plans), and POAMs (Plan of Action and Milestone's). A good understanding of Risk Management Frameworks (RMFs), how they work, and how they apply to businesses. a. what is risk management, b. what is risk tolerance, c. what is risk mitigation....etc. Must be a and a Secret clearance is a plus Clear communications skills, both written and verbal. The opportunity As a Security Consultant for Government within the Global Information Security team, the individual will be responsible for providing security guidance to IT Service Delivery teams responsible for delivering cloud-based and emerging technology solutions that support our US federal government clients. The consultant will provide security guidance, identify and prioritize security-related requirements, promote secure-by-default designs and facilitate delivery of information security services throughout the system development life cycle (SDLC). The Security consultant will also be expected to perform security assessments of cloud-based information systems and infrastructure, develop appropriate risk treatment and mitigation options based on cloud security controls, and effectively articulate findings and recommendations to IT project teams and management. The successful candidate should have a solid background in security controls, security policy, risksecurity assessments. They should also have broad experience over an array of information security and technical disciplines and be able to provide pragmatic, business-aligned security guidance. The Security consultant will be expected to work on multiple projects and tasks concurrently. Your key responsibilities Develop and refine effective controls for cloud-hosted implementations that align with NIST, DFARS and DOD (CMMC) security requirements Assist IT Service Delivery team in documenting the security controls for cloud-hosted implementations of information systems for US federal government clients Define and provide security guidance that balances business benefit and risks in both on premise and cloud based systems (applications and infrastructure) Engage IT project teams involved in developing or deploying business applications, throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls Perform security assessments and audits of information systems and infrastructure Maintain and enhance the Information Security assessment methodology Develop appropriate risksecurity treatment and mitigation options to address findings and vulnerablities identified during security reviews or audits Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders Work with other team members in the area of cloud security and emerging technologies Skills and attributes for success Demonstrated integrity in a professional environment Ability to team well with others to facilitate and enhance understanding compliance with security policies Ability to convey risks to IT and business stakeholders Ability to work effectively with customers, management, staff members, vendors and consultants and articulate findings and recommendations Strong English communication and writing skills Excellent interpersonal, communication, organizational, and project management skills To qualify for the role, you must have Experience with US federal Certification Accreditation (CA) packages, including Plans of Action and Milestones (POAMs) and System Security Plans (SSPs) Experience providing and validating security requirements related to information system design and implementation Experience conducting security assessments, vulnerability assessments, vendor and third-party risk assessments and recommending remediation strategies Experience utilizing NIST Special Publications 800 (Security) Series documentation. Familiarity with information system attack methods and vulnerabilities Ability to pass US Government Security Clearance ship Ideally, you will also have Experience with providing security controls for large scale deployments, preferably in cloud environments Experience providing and validating security requirements related to a broad range of operating systems and databases Experience in the use of tools and methods to identify security exposures and business risks Advanced degree in Information Assurance, Information Security, or a related discipline Knowledge of OWASP top 10 and remediation of attacks against web applications Knowledge of Cloud Security Alliance's cloud security controls Exceptional judgment, tact, and decision-making ability Knowledge of common information security standards such as ISO 2700127002, SOC, etc. Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, CAP, GSEC, CCSP, CISM or CISA Experience working for a US federal government agency, US federal contractor or state government agency Undergraduate degree in Information Assurance, Information Security, or a related discipline or equivalent experience What we look for In addition to the above-mentioned experience and skills, we are looking for individuals with experience in cloud computing from a security and infrastructure point of view. Significant experience in the Microsoft Azure, Google Cloud, or AWS platforms is strongly preferred. ExperienceRequired Skills Career-Level position within field. Requires experience and proficiency in discipline. Conducts complex work important to the organization. Works with minimal supervision with wide latitude for independent judgment. To qualify, candidates must have Approximately 10-12 years of experience in information systems architecture methodologies, management, and trackinganalyzing budgets Sound judgment and tact Excellent management, interpersonal, communication, and organizational skills Ability to work and team effectively with clients and other management personnel Education Advanced degree in Computer Science or a related discipline or equivalent work experience Please contact me directly if you are interested in learning more about this opportunity or to discuss our referral program if you know anyone that may be interested. Regards, Patrick Smith Strategic Recruitment TSR Consulting, Edison, NJ
    Posting ID: 596186207Posted: 2021-01-04