Location: Remote work opportunity
Type: Contract, W2 Hourly
Duration: 6 Months, with potential for multiple extension
Our Client's security team is a specialized, dedicated group with responsibilities covering sensor monitoring, vulnerability scanning, network security, incident response, and application security. They support various initiatives that include policies and procedures, as well as auditing projects. They are looking for an individual who brings application security experience to the table.
Duties and Responsibilities:
Evaluate, implement, maintain, and monitor IT security measures.
Work on existing systems while also supporting a variety of new IT initiatives, including Agile Scrum.
Quickly and easily analyze and understand the department and organization needs to effectively exercise technical leadership over security topology and processes.
Provide security support for project development and existing applications.
Complete and update NIST Application Security Plans on a regular basis as systems change.
Update and submit Security Impact Analysis for existing and proposed applications and update the information security plan accordingly.
Ensure application security roles, when application roles are changed, are properly documented in a usable format.
Provide information security audit support when required.
Provide security guidance at all phases of the application lifecycle to ensure compliance needs are met.
Act as a security liaison and technical point of reference to the application developer and project management groups.
Assist with updating and implementing the annual security awareness training, annual developer training, and annual administrator security training.
Work with the IT program groups and IT support vendors to evaluate and improve IT vendor security posture.
Validate remediation efforts of findings related to vulnerability and system configurations.
Respond to day-to-day IT operations and internal requirements requiring security support.
Assist in identifying security initiative gap assessments.
Implement testing and maintain defined security solutions.
Define desired state for people, process, and technology solutions that are to be utilized to support other IT efforts.
5 + years' of experience in sensor monitoring, vulnerability scanning, network security, incident response, and application security.
Bachelor's degree in an IT related field or equivalent experience.
Minimum 3 years experience administering firewalls and system administration using IBM Resource Access Control Facility (RACF) on Mainframe operating systems
Minimum 3 years experience working with RMF or NIST requirements
Minimum 3 years experience in IT network knowledge/implementation (e.g., firewalls, secure topologies/architectures, intrusion detection/analysis, Microsoft/UNIX/OS security, vulnerability assessments).
Minimum 3 years experience with reviewing Intrusion Detection reports incident response and computer forensic experience.
Minimum 3 years experience identifying application development security concerns and the ability to define and test application security requirements.
Minimum 2 years experience assessing applications for security issues and creating solutions.
Previous experience being responsible for security information / event manager configuration.
Experience responding to audit enquiries/exercises and remediating findings.
Understanding of application assessment software.
Analytical thinker who solves problems and develops continually more effective solutions to them.
Make informed decisions quickly and leverage your communication abilities to implement them.
Enterprise class security tools roll-out
CISSP, CSSLP or CISA certification
Accessibility: If you need an accommodation as part of the employment process
please contact Human Resources at Email: email@example.com
Equal Opportunity Employer, including disabled and veterans.
If you want to view the EEO is the Law poster,
please choose your language:
TCC Software Solutions