Information Security Engineer
Posted on: December 2, 2018
LRS Consulting Services has been delivering the highest quality consultants to our clients since 1979. We've built a solid reputation for dealing with our clients and our consultants with honesty, integrity, and respect. We work hard every day to maintain that reputation, and we're very interested in candidates who can help us. If you're that candidate, this opportunity is made for you!
We have an exciting opportunity for a Information Security Engineer in Broomfield, CO. This is a 6 month contract to hire opportunity.
--- Develop system security policies and secure system and network architectures
--- Collaborate with team members, peers and business units to determine technical information security requirements
--- Assist in the development and refinement of technical security standards
--- Ensure the information and network security controls are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups
--- Execute on strategy and develop services to address specific information assurance, risk management, and related compliance issues
--- Member of the incident response process/team which receives and responds to all internal and external reports of suspected information security incidents
--- Develop and maintain a computer forensics investigations program using digital forensic related tools
--- Responsible for developing and maintaining a vulnerability management and threat assessment program
--- Create and maintain all Information Security Policies and Procedures
--- Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program
--- Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance
--- Function as point of contact and subject matter expert relating to Information Security
--- Establishing and maintain trusted relationships and partnerships with key information security and privacy professionals in both private and public sectors
Security Engineering - 25%
--- Develops security tools and infrastructure, maintains current security tools portfolio, identifies and recommends security tools improvements and replacements
--- Develops and delivers recommendations for infrastructure hardening, vulnerability remediation and risk reduction
--- Interfaces with vendors and IT professionals to design appropriate security controls and threat response solutions and procedures.
--- Provides subject matter expertise on security infrastructure components in support of new and existing projects
Vulnerability Management and Threat Assessment - 25%
--- Develops, implements, and manages a vulnerability and threat assessment services program, tailored to the specific needs and requirements of our technology deployments and asset protection needs.
--- Monitors the broad "threat landscape" for potential threat information relevant to risk exposures.
--- Responsible for the Vulnerability Management Program (VMP) which includes automated vulnerability scanning, customized vulnerability assessment, and penetration testing.
IT Monitoring - 25%
--- Provides response management and ongoing guidance on solutions to achieve and maintain security compliance, to mitigate information security risks and to correct compliance exposures and gaps.
--- Performs and manages any IT-specific activities or remediation required to meet applicable federal and state regulations.
Risk Management - 10%
--- Develops, implements, and manages the information security risk assessment services program, tailored to the specific needs and requirements of our technology deployments and asset protection needs.
--- Manages the remediation process, creates reports, and provides oversight of IT Services efforts to address and mitigate risks.
--- Ensures that our assets (i.e. business activities, key services, key people, business partners, applications, and data) are identified and reports on specific information security risks and threats related to the assets.
Incident Response and Handling - 10%
--- Directs the timely response and investigation efforts for security incidents, breaches and forensics to meet all regulatory and business requirements and minimize their impact.
--- Assures the timely response and investigations of security incidents.
--- Ensures that information security strategies and processes meet all regulatory and business requirements so that the impacts of incidents are minimized.
--- Develops procedures for incident response to meet regulatory needs.
--- Manages and expands the digital forensic services program.
--- Evaluates new tools and external services, recommends purchases and subscriptions, stays current on latest technologies, and collaborates with external subject matter experts on information security methodologies and best practices.
Education and Outreach - 5%
--- Assessing education and outreach needs, developing related strategies, developing training content, and participating in outreach activities.
--- Bachelor's degree in Information Assurance, Information Security, Cyber Security, Networking, or related discipline, or an equivalent combination of education, certification and work experience
--- Experience conducting information security risk assessment, control analysis, and vulnerability assessments
--- Experience with security related technologies, systems, and tools
--- Knowledge of information security threats and vulnerabilities
--- Work experience conducting investigations and managing information security incidents
--- Knowledge of NIST SP 800-53 and/or ISO 27001 framework components.
--- Knowledge of Sarbanes Oxley and SSAE 16 standards and guidelines.
--- Project management skills
LRS is an equal opportunity employer. Applicants for employment will receive consideration without unlawful discrimination based on race, color, religion, creed, national origin, sex, age, disability, marital status, gender identity, domestic partner status, sexual orientation, genetic information, citizenship status or protected veteran status.
Candidate must have permanent authorization to work in the USA for any employer
Corp to corp candidates will not be consider
Keywords: LRS, Broomfield , Information Security Engineer, Engineering , Broomfield, Colorado
Didn't find what you're looking for? Search again!