Description
Information Security Consultant
Contract Position: Information Security Consultant
Location: Atlanta
Education: 4-year college degree and CISSP preferred
Skills:
- 7+ years of information security testing & evaluation, auditing, risk assessment, policy and procedure development
- Must have the demonstrated ability to work with a diverse team and lead/assist in developing and improving an information security program of a large enterprise.
- Knowledge of, and experience with regulatory and compliance information security frameworks, standards, and best practices (NIST, COBIT, HIPAA, SOX, PCI-DSS, ISO 27000 series, etc.).
- Ability to develop practical and workable security solutions to address business partner's technical and business problems
- Full proficiency with vulnerability assessment and management tools (McAfee Vulnerability Manager, Metasploit, CORE IMPACT)
- Proficient with static and dynamic code scanning testing techniques
- Excellent attention to detail and follow through
- Strong verbal and written interpersonal communications skills and ability to deal effectively with business partners, peers and management
- Competent knowledge of mobile device and mobile application development security
Initial Project Assignment/Responsibilities
This Information Security Consultant will be a member of the Information Security group responsible for improving the overall information security program. The Information Security Consultant will conduct and thoroughly document security assessments of new and existing technology initiatives. The candidate will also evaluate, recommend, and implement new information security solutions, and assist as needed in the support of existing security products. Primary focus will be in improving application security or on mobile device and mobile application security, but other security responsibilities will also be assigned.
Additional responsibilities include:
- Provide technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation in a large corporate enterprise
- Responsible for designing and implementing solutions to protect the confidentiality, integrity and availability of sensitive information
- Provide technical evaluations of systems and assist with making security improvements
- Conduct security product evaluations, and recommends products, technologies and upgrades to improve the security posture
- Assist in defining, implementing, and maintaining information security policies, standards and procedures
- Conduct testing and audit log reviews to evaluate the effectiveness of current security measures