Cyber Security- Vulnerability Management Consultant Job at Quantum World Technologies Inc., Erlanger, KY

TkdrNVlqdklzYUw3d0dTQnBRY0tQQkI3
  • Quantum World Technologies Inc.
  • Erlanger, KY

Job Description

Role: Vulnerability Management Consultant

Location : Erlanger, Kentucky(5 days onsite)

Duration: Full-Time/Permanent

1 Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of the program

2 Fair understanding of Technology Landscape Applications Infrastructure Cloud and review

Clients information security and related threats and vulnerabilities legal and regulatory

requirements

3 Good Understanding on Security Standards like ISO 270012 SOX ITGC SOC1 or SOC2

DevSecOps OWASP top 10 Business Impact analysis ISO 22301 ISO 27005

4 Assess and classify all potential business and infrastructure information risks

5 Review and advise on information security risks of vendor offerings Newleveraging existing SAAS PAASIAAS services including integration with Client environment

6 Conduct risk assessment on Applications Network Systems according to Client policies applicable Standards legal regulatory requirements

7 Identify the risks in the Client Projects provide recommendations for remediation of identified risks

8 Translate Technical legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies

9 Identify or design the controls for implementation based on the outcome of Risk Assessment its remediation and residual risk

10 Ensure all the controls outlined for an applicationInfrastructure are designed effectively

11 Review Vulnerability Assessment and Penetration Test scan results and recommend the risks to be remediated

12 Review and approve the control design of supplier and their organization technical specifications against Client security control requirements

13 Ensure all the risks are documented classified and tracked with appropriate action as per the IRM standards

14 Work with Project Managers Business Analysts Architecture and Support Team to ensure Client Information Risk Management standards are being followed

15 Test the control effectiveness post implementation or deployment of controls and technologies

16 Conduct Security governance with Client stakeholders

Technology

1 Understanding of Cloud Security SAAS IAAS and PAAS and Onpremise infrastructure

2 Understanding of secure application development and support

3 Knowledge on Network Security Data Security Practices End Point Security Identity and

4 Access Management

5 Knowledge on Business Continuity Plan and Disaster Recovery

JD Keywords

Security Risk Assessment ISO 270012 SOX ITGC SOC1 or SOC2 DevSecOps OWASP

top 10 Security Risk Management Business Impact analysis Design Controls Data

Security Security Policy review Business Continuity Cloud Security Network Security

Identity and Access Management ISO 22301 ISO 27005 Control testing Control

assessment

Knowledge and skills

1 Projects Stake holder Management Governance Management Reporting

2 Very good communication skills Agile Project delivery

3 Cloud Security controls Data Security SeInfo baselines Privacy requirements

Education Background

BTech CA MBA MS Info Sec MTech

Industry Certifications

ISO 27001 Lead Auditor or Lead Implementor CISA CRISC CISM CISSP

Skills

Mandatory Skills : Infra Vulnerability Management - Qualys, Infra Vulnerability Management - Rapid 7, Infra Vulnerability Management - Tenable IO, Infra Vulnerability Management - Tenable Nessus, SC, CS, Infra Vulnerability management/Triaging/ Remdiation Advisory / ServiceNow /ITSM /CMDB

Job Tags

Permanent employment, Full time,

Similar Jobs

WeDriveU

Safety Manager Job at WeDriveU

 ...clients and career opportunities. Job Description: The Safety Manager will be responsible for developing, overseeing, and enforcing...  ...Active CDL with passenger endorsement (or willing/able to secure within six months) DOT MED card (or willing/able to secure within... 

ShipLilly

Logistics Coordinator Job at ShipLilly

 ...About the company ShipLilly is an international transportation and logistics company since 1996 headquartered in the U.S., committed to providing our customers with effective transportation, logistics, warehousing, and e-commerce solutions. For more information visit... 

Generac

Machine Operator I - Weekend Night Shift Job at Generac

Proficiently operate basic machinery independently at a defined rate with proper quality. Develop and maintain an understanding of the products they assemble and how they impact the business. Continuous learning of the principles, practices, and processes of their job ...

Squeeze Massage

Licensed Massage Therapist Job at Squeeze Massage

 ...team member experience. We are focused on the human side of business, and our goal is to be the best employer brand for massage therapists nationwide. We work to foster an inclusive environment, where everyone can shine bright. It's so important that we've made it our... 

Easterly Asset Management

Equity Research Analyst Job at Easterly Asset Management

Equity Research AnalystEasterly Asset ManagementPittsburgh, PennsylvaniaAll applications must include a resume and cover letter. Please send this information to resumes@.Firm OverviewEasterly Asset Management and its Strategic Partners provide private wealth and institutional...