Listing Description
Primary Responsibilities
Creates new ways to solve existing production security issues
Investigates intrusion incidents, conducts forensic investigations, and mounts incident responses
Evaluates new technologies and processes that enhance security capabilities
Establishes plans and protocols to protect data and information systems against unauthorized access, modification, and/or destruction
Delivers technical reports on daily activities
Analyzes and advises on new security technologies and program conformance
Maintains knowledge with current emerging technologies and advancements within Information Security
Takes initiative and responsibility for achieving desired results
May supervise or lead a small team
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
High school diploma or GED
Five (5) years' of related post-secondary education and/or experience in Information Security or Information Technology
Preferences
Bachelor's degree in Computer Science, Management Information Systems, or directly related field
Relevant security certifications
Financial services experience
Skills and Competencies
Strong organizational, research, analytical and/or problem-solving skills to evaluate situations, make recommendations, and take effective action
Ability to articulate complex technical concepts or scenarios to both technical and non-technical audiences
Subject Matter Expert (SME) in one or more security domainsStrong technical skills: information security, network security, Windows security, UNIX/Linux security, and web application security.
Knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) or OWASP Risk Rating Methodology.
Prior experience with automated tools used to find system and web application vulnerabilities such as Nmap, Nexpose, Nessus, WebInspect, or Fortify as well as manual/penetration testing
Preferred Experience:
Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Offensive Security Certified professional (OSCP), or other related security certifications Scripting with python, ruby, PowerShell, bash, or similar languages
An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, spidering, application flow charting, and session analysis.
Listing Details
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Full Telecommute