Information Security Specialist

Location: Washington DC Region
Category: Information Technology
Employment Type: Contract To Hire
Contact: lindsey.gregor@hirestrategy.com

Our client in DC has an i mmediate Contract-to-Hire opportunity for an Information Security Specialist. The conversion salary is up to 100K (with amazing benefits).

Please see the job description below and if interested, shoot your most current resume over to Lindsey at lindsey.gregor@hirestrategy.com along with a good time and number to reach out.

Must Haves:

  • Experience working in a cloud environment
  • Can be with Azure or AWS
  • Experience monitoring threat and vulnerability with a Network Vulnerability Management Software
  • Experience using a web application security assessment tool

  • Preferred but not required:
    • any experience with a SIEM tool (Security incident and event management)
    • Bachelors in IT related field
    • One or more of the following certifications are strongly preferred: CISSP, CCSP, CISA, CISM, CRISC, SANS: GIAC, GSEC, GWAPT

    The Information Security Specialist provides assistance with safeguarding information assets by identifying and analyzing potential and actual security incidents. This position is responsible for evaluating, monitoring, and implementing information security initiatives and identifying issues in technology, software or services.

    Duties/Responsibilities:

    Administering the vulnerability management program. Reviewing and responding to known and possible network attacks, vulnerabilities and alerts

    Maintaining and reviewing secure access to program servers, file shares, and security groups

    Proficiency performing audit analysis of accounts and process management to include permission lists, organizational changes, separated employees, inactive accounts etc.

    Developing measures to prevent unauthorized software from being installed and executed on systems

    1

    Recommending and supporting the development and management of network security and incident response policies and procedures

    Proficiency archiving and reviewing system audit logs and all other pertinent log files that will support incident response activities

    Maintaining records on configuration and patch management tools to ensure that patches/system modifications maintain the desired security posture

    Developing/revising technical standards for security devices, security operations, and other operations as required

    Proficiency developing measures to prevent unauthorized software from being installed and executed on systems

    Interacting with information security vendors and holding information security vendors accountable to technology and services obligations to the organization

    Ensuring that change control procedures are strictly followed for all changes to all production systems.

    Proficiency analyzing security incidents and escalation of security events 24x7.


    Back to top