Description
Resource 1 is seeking an IT Cyber Security Specialist for a 1-year contract in Warrenville, IL. This is an exciting opportunity to be part of a high-profile government project with national and international visibility. Since this is a government project, the selected candidate must be a US Citizen. The Cyber Security Specialist should be familiar with the support and operation of security infrastructure, monitoring systems, and reporting tools. The Specialist assists in managing security-related configurations, platform hardening, and other control systems for servers, network devices, cloud environments, and software solutions; evaluates IT service requests for security concerns and potential issues, providing feedback to stakeholders; and integrates with IT infrastructure and application development projects to represent security concerns and initiatives. May lead small security projects related to administration efforts.
Primary Responsibilities
Monitor the network to identify security breaches detected by those systems, and help drive tracking, investigation, and resolution of those incidents.
Participate in daily security operations, in partnership with other Technology teams as required and appropriate.
Execute technical work to tune and improve security infrastructure operation, maintain integrity and accuracy of asset inventory, and validate that technology systems meet expected configuration requirements, working in partnership with other Technology teams as appropriate.
Required Knowledge and Experience:
4-7+ years of overall IT Engineering experience
5+ years of current experience in Information Security within an Enterprise IT environment.
Prior experience with NIST 800-53, Public Trust, or FED is really nice to have.
Prior experience with Active Directory and Windows OS security administration and architecture.
Contribute to the development of Information Security policies, standards and procedures. Assist operations and development teams in aligning operating procedures with information security best practices.
Participate in (and captain) Security Incident Response processes.
Participate in the enterprise security Red Team program and associated tabletop activities, analyses, and drills.
Apply internal controls and security concepts in a wide variety of information technology processes and appropriately assess the exposures resulting from ineffective or missing controls.
Participate in the enterprise vulnerability management program and associated operational processes.
Coordinate with development teams around application security best practices, application vulnerability scanning, penetration testing, and data privacy processes.
Serve as an internal information security consultant to business, development, and infrastructure teams, advising internal business units with current information about best practices, changes to the threat landscape, and security-related regulatory issues.
Previous experience leading sensitive investigations.
Previous experience with customer and business-facing communication.
Previous experience presenting in front of large groups and/or to executive leadership.
Previous experience with the concepts of application security (AppSec), including basic control structures and threats.
Application vulnerability management and/or penetration testing a plus.
Within the area of assigned responsibilities, provide direct training to all employees, contractors, alliances, or other third parties, ensuring proper information access in accordance with established organizational information security policies and procedures.
Skills:
Bachelor's degree in a discipline related to functional work or role with 4-7 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience.
Ability to solve complex problems with minimal supervision using sound logic and analytic methods.
Excellent written and verbal communication skills, with the ability to state messages in a clear and concise manner that is understandable by both technical and non-technical teams. Must be able to proactively listen to others to understand issues and situations. Must be able to clearly articulate business needs to both internal and external customers.
Strong proficiency and/or previous experience securing the following:
Microsoft Office Suite (Traditional Office 365)
Google G Suite
Microsoft Server Platforms
Microsoft Endpoint Platforms
O/S: Windows, macOS, Linux Debian, CentOS
Firewalls: Palo Alto Networks, Cisco
Endpoint Security: Symantec, SentinelOne
SIEM and Logging: Splunk, LogRhythm
DDoS: Radware, Arbor Networks
Vulnerability Management: Nexpose, OpenVAS, Burp, ZAP
WAF: Citrix NetScaler, Imperva
Databases: Microsoft SQL Server, OracleDB
Application Servers: Microsoft IIS, Apache, Nginx
Ecosystems: Microsoft .NET, Java, PHP