Our client, a privately held, rapidly growing technology company, delivers world class traditional and cloud based disaster recovery and business continuity solutions to governmental and enterprise clients across the U.S.. Recognized as an industry leader by Forrester(R). We seek talented, dynamic individuals to join our team.
Our client is seeking a dynamic SISO with a diverse background in information assurance and security engineering principles. The SISO will be a hands-on position responsible for identifying, designing, implementing, and managing the information security at RPS. The successful candidate must be knowledgeable with technical security architectures and operational controls as well as policy requirements. The candidate must be able to work with a wide range of technical subject matter experts to develop risk-based security controls for many different platforms.
Duties and Responsibilities
Ensure that all necessary assets/systems receive vulnerability assessments/scans on a regular basis. Manage the reporting, analysis, distribution, and remediation processes for vulnerabilities in accordance with RPS policies.
Manage and monitor secure configurations of hardware and software for network devices, servers, operating systems, and applications to ensure all devices are configured in accordance with NIST, CIS Benchmarks for hardened systems.
Deploy, manage and maintain security information and event management (SIEM) capabilities to ensure all critical systems have system/security logs being sent to centralized log management system.
Participate in change management process to review/comment on impact of technical security posture of technical controls prior to changes being approved.
Assist with achieving and maintaining industry and/or regulatory standards such as Fedramp, PCI DSS, SOC2.
Assist with creating and/or maintaining appropriate management security controls and related policies.
The SISO will research and implement guidelines/policies for automating system hardening using such tools as Windows Group Policies (GPO) in accordance with NIST publications.
Bachelors in Information Security, Cybersecurity, or other similar InfoSec degree preferred
5+ years’ experience as a senior security engineer, analyst, or manager
One or more of the following security certifications:
Certified Information Systems Security Professional (CISSP) (ISC2 Cert)
Certified Information SISO ( CISM) (ISICA Cert)
Global Information Assurance Certification (GIAC) (SANS)
Ability to apply for security clearances and meet eligibility requirements including US Citizenship
Competitive salary and benefit package, including group medical/dental, life insurance and 401K.
Job type: Full-time
Equal Opportunity Employer