Job Location: Virginia(Hybrid)
Job Description:
For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry level opening.
General things to consider when screening:
Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle.
·Assess the configurations of applications, servers, and network devices for compliance with the security standard.
·Analyze and document how the implementation of new system or new interfaces between systems impacts the security posture of the current environment.
·Assess and document the security impact and risks of newly discovered vulnerabilities in the environment.
·Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management.
·Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
Skill | Required /Desired | Amount of Experience | Candidate Experience |
NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system. | Required | 5 |
|
Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc. | Required | 5 |
|
Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL. | Required | 5 |
|
Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable. | Required | 5 |
|
Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan. | Required | 5 |
|
Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation | Required | 5 |
|
IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) | Required | 5 |
|
...individual occupying this position will perforn work in the community that supports establishing and building relationships with local CRC's,... ...resources and services. Collaborate with other social workers, healthcare professionals, and community leaders to address...
...Ready to join our quest for better? Job Description Northwestern Medicine has an exciting opportunity for either a Nurse Practitioner or a Physician Assistant to work in our Emergency Medicine department. Schedule: 3x12s; all NIGHTs; rotating weekends and...
...office number at (***) ***-********We are looking for a talented Front End Developer to join our team in Irvine, California. In this long-term... ...you will play a key part in creating dynamic, user-friendly web interfaces while ensuring optimal performance and accessibility...
Clinical Documentation Specialist Location Clinton, IA : Employment Type: Part time Shift: Day Shift Description: At MercyOne, health care is more than just a doctor's visit or a place to go when you're in need of medical attention. Our Mission is based on improving...
Virtua Medical Group is currently seeking a full-time Physician Assistant or Nurse Practitioner to join our Gastroenterology team. This role involves coverage across our five inpatient facilities, situated in Voorhees, Marlton, Willingboro, Mount Holly and Camden. The...