Notes from the manager:
For this position we are really looking for someone who is strong in Security Operations (Vulnerability Management, Penetration Testing, Incident Response, Identity Access Management, etc.). A few of the candidates were strong in Risk Management (Risk Assessment, Data Classification, Audits, etc.) but we already have those skills on our team. The remaining candidates mostly struggled to answer basic technical questions relating to security and seemed to mostly come from more IT Operations backgrounds. We are looking for an experienced person as this is not an entry level opening.
General things to consider when screening:
Analyze the security impact of application, configuration, and infrastructure changes to ensure compliance with the security standard as part of the change management lifecycle.
Assess the configurations of applications, servers, and network devices for compliance with the security standard.
Analyze and document how the implementation of new system or new interfaces between systems impacts the security posture of the current environment.
Assess and document the security impact and risks of newly discovered vulnerabilities in the environment.
Coordinate resolution of application and infrastructure security vulnerabilities with System Owners, IT, and vendors. Track resolution of vulnerabilities and provide regular updates to management.
Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and documentappropriately.
| Skill | Required / Desired | Amount | of Experience |
| NIST 800-53 rev 5 and/or Criminal Justice Information System (CJIS) specifications for an information security management system. | Required | 5 | Years |
| Software development lifecycle, vulnerability management processes, role-based authentication methodologies, etc. | Required | 5 | Years |
| Familiarity with programming languages such as Python, Java, JavaScript, C++, C#, SQL, HTML, CSS, and/or COBOL. | Required | 5 | Years |
| Expertise in using automated vulnerability scanners like Nessus, Qualys, Retina, and/or Tenable. | Required | 5 | Years |
| Familiarity with web application security testing tools like Burp Suite, Fortify, and/or AppScan. | Required | 5 | Years |
| Basic scripting skills (e.g. WDL, VBScript, JavaScript, PowerShell, Python) for automation | Required | 5 | Years |
| IT security or risk assessment certifications are advantageous (CISM, CCSP, CISSP, CEH, CompTIA Pentest+ and/or CompTIA Security+) | Required | 5 | Years |
Before you apply to a job, select your language preference from the options available at the top right of this page. Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work...
...Life Coach & Business Development Opportunity Are you passionate about connecting talented professionals with meaningful career opportunities... ...Communication Skills A Self-Starter with Ambitious Financial Goals Ready to Establish a New Level of Success in a Self-...
...emotionally, and spiritually fit. Find whole-person care, dedicated teams and staff, and a wide variety of medical services, all at our hospital in Shawnee Mission, Kansas. The Role Youll Contribute Cleans the cooking areas, utensils, and equipment in the kitchen, as...
...IntheLoop is looking for a AI Engineer Intern to join our team remotely for Summer 2025. In this position, your main project will be the end-to-end ownership over the design, fine-tuning, and deployment of a generative AI agent that will integrate with our existing...
Important Note: This internship is unpaid and is for college credit. Position Summary This is an exciting opportunity for a highly motivated and creative individual to gain valuable hands-on experience in marketing and contribute to the success of [Your Company Name...