Career

ACCOUNTABILITIES

• Provides holistic security advice through network, host, database, device, and people/process environments to a wide range of internal business stakeholders.
• At advanced stages, leaders of business units and embedded security champions may provide software or portfolio-level advice.
• In one or more fields, it usually provides deeper knowledge and experience.

** Must be W2 - working remote

• Have in-depth knowledge on any of the enterprise scanning tools (Nexpose, Tenable IO, Qualys, Twistlock, etc.) 
• Be able to understand and give consultantt on CIS and DISA STIG benchmarks 
• Understanding of FedRAMP, FISMA compliance methodologies 
• Have experience on OWASP tools and methodologies and security attack vectors. 
• Understanding and knowledge of threat and vulnerability management, and penetration testing 
• Practical experience with developing scripting languages (such as Python, Java Script etc.  

• Works with clients to mitigate compliance risks in terms of safe product setup, implementation and how they match and conform to relevant security protocols and guidelines.
• Guides clients in the development and enforcement of security control
• Prioritizes own work and may have responsibilities to instruct, guide, delegate and supervise the work of more junior team members
• Understands and contributes to the approach, regulation, guidelines, and processes for cybersecurity
• Build and offer workshops on cybersecurity issues to professional and non-technical audiences.
• Translates cybersecurity specifications for a single customer, software or project into specific frameworks, apps and model designs