Vulnerability Management Consultant

Erlanger, KY
Contract
Full-time

12 hours ago
Apply easily

Company DescriptionWe work as trusted business partners and always strive to deliver the most value and highest return on investment for our clients. We are highly trained business professionals with strong understanding of clients need. We work closely with the leading staffing trade associations, training, and research organizations to ensure we are knowledgeable of the latest industry trends and technologies.Job Description13+ Exp. only

Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of the program
Fair understanding of Technology Landscape Applications Infrastructure Cloud and review
Clients information security and related threats and vulnerabilities legal and regulatory
requirements
Good Understanding on Security Standards like ISO 270012 SOX ITGC SOC1 or SOC2
DevSecOps OWASP top 10 Business Impact analysis ISO 22301 ISO 27005
Assess and classify all potential business and infrastructure information risks
Review and advise on information security risks of vendor offerings Newleveraging existing SAAS PAASIAAS services including integration with Client environment
Conduct risk assessment on Applications Network Systems according to Client policies applicable Standards legal regulatory requirements
Identify the risks in the Client Projects provide recommendations for remediation of identified risks
Translate Technical legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies
Identify or design the controls for implementation based on the outcome of Risk Assessment its remediation and residual risk
Ensure all the controls outlined for an applicationInfrastructure are designed effectively
Review Vulnerability Assessment and Penetration Test scan results and recommend the risks to be remediated
Review and approve the control design of supplier and their organization technical specifications against Client security control requirements
Ensure all the risks are documented classified and tracked with appropriate action as per the IRM standards
Work with Project Managers Business Analysts Architecture and Support Team to ensure Client Information Risk Management standards are being followed
Test the control effectiveness post implementation or deployment of controls and technologies
Conduct Security governance with Client stakeholders

Technology

Understanding of Cloud Security SAAS IAAS and PAAS and Onpremise infrastructure
Understanding of secure application development and support
Knowledge on Network Security Data Security Practices EndPoint Security Identity and
Access Management
Knowledge on Business Continuity Plan and Disaster Recovery

JD KeywordsSecurity Risk Assessment ISO 270012 SOX ITGC SOC1 or SOC2 DevSecOps OWASPtop 10 Security Risk Management Business Impact analysis Design Controls DataSecurity Security Policy review Business Continuity Cloud Security Network SecurityIdentity and Access Management ISO 22301 ISO 27005 Control testing ControlassessmentKnowledge and skills

Projects Stake holder Management Governance Management Reporting
Very good communication skills Agile Project delivery
Cloud Security controls Data Security SeInfo baselines Privacy requirements

Education Background

BTech CA MBA MS Info Sec MTech

Industry Certifications

ISO 27001 Lead Auditor or Lead Implementor CISA CRISC CISM CISSP.

Regards,Mohammed ilyas,PH - 229-264-4024 or Text - 229-469-1455 or You can share the updated resume at Mohammed@vtekis. comAdditional InformationAll your information will be kept confidential according to EEO guidelines.

Syncreon