Listing Description
Are you a technical security professional wanting to make a difference within your community and industry?
Do you have a passion for computers, networking, and information security?
SynerComm is seeking full-time security professionals to join our growing security assessment and consulting team. Our AssureIT team has built a tremendous reputation for providing industry leading consulting and professional services. The demand for our services continues to grow and we're looking for the right people to join us in making a difference in our industry.
Job Description:
The primary objectives of the Information Assurance Consultant - Auditor are to deliver and enhance the various information assurance services to SynerComm’s clients. The services include technical security assessments, IT security and compliance audits, risk assessments, and security consulting. This is a hands-on role, requiring technical skills from the hardware to the application layer and understanding of industry standards and regulations.
Key Responsibilities:
- Perform vulnerability assessments, IT audits, risk assessments, business impact analysis, gap analysis and consulting
- Utilize and interpret results from automated testing tools and developing manual audits
- Reviewing client policies and standards for accuracy, applicability and industry/regulatory compliance
- Auditing operating system, Active Directory, application and network device (switch, router, firewall, etc.) configurations
- Perform security interviews with key (client) staff members and developing technical and non-technical audits for validation
- Researching vulnerabilities and identifying mitigation solutions to resolve them
- Provide professionally written technical reports of vulnerabilities, findings and mitigation solutions to clients
- Work on improvements to the security services we provide, including the continuous enhancement of existing methodologies, tools and reports
Job Requirements:
- Bachelor degree or higher, technical discipline preferred
- 3 years of working experience in IT security, preferably with experience in IT security audit and consulting
- Background and work experience in networking, databases, and systems administration
- Good understanding of common network protocols (TCP, IP, HTTP, FTP, Telnet, SSH, SMTP, SNMP, etc.)
- Strong knowledge of common operating systems (MS Windows, Mac OSX, Linux/Unix)
- Strong knowledge of VPN technologies and multi-factor authentication
- Strong knowledge of security controls including firewalls, intrusion prevention, DLP and anti-malware
- Working knowledge of security principles, techniques and technologies
- Strong analytical skills and efficient problem solvingStrong organizational skills, ability to coordinate and multi-task projects, and meet deadlines
- Good English communication and grammar skills
- Good technical writing skills
- Independence, self-management and motivated
- Team-oriented
- Good time management skills
- Willingness to travel
- Willingness to learn
Desired Skills:
- CISSP, CISA, CRISC or other information security certifications
- Understanding of industry standards and regulations (NIST, ISO 27000, COBIT, ITIL. FFIEC, PCI DSS, etc.)
- Vulnerability and risk management experience
- Experience with various security tools and products (Nessus, nmap, DumpSec, BloodHound, RedSeal, etc.)
- Good understanding of Active Directory and Group Policy
- PCI Qualified Security Assessor (QSA) or PCI DSS audit experience
- Good understanding of the components of a secure DLC/SDLC
- Understanding of cryptography principles
- Physical security
Listing Details
- Salary: $80000 - $110000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Optional Telecommute