Notes from the manager:
For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry-level opening.
General things to consider when screening:
Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle.
Assess the configurations of applications, servers, and network devices for compliance with the security standard.
Analyze and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Assess and document the security impact and risks of newly discovered vulnerabilities in the environment.
Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management.
Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
Skill | Required / Desired | Amount of Experience |
NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system. | Required | 5 Years |
Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc. | Required | 5 Years |
Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL. | Required | 5 Years |
Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable. | Required | 5 Years |
Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan. | Required | 5 Years |
Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation | Required | 5 Years |
IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) | Required | 5 Years |