Information Security Engineer in New York, NY at ConsultNet

Date Posted: 7/31/2020

Job Snapshot

Job Description

Title: InfoSec Engineer
Location: NYC
Duration: 4 months Contract w/a potential to convert to FTE

JOB DESCRIPTION:

Responsibilities:
  • Working with the Director of Information Security you will be implementing and enforcing corporate security standards
  • Responsible for the successful operations of all security tools and technologies and participates in or drives security reviews for new products and services.
  • Partners closely with the scrum teams, DevOps leads, Product Development managers, and Product Managers to improve the operating risk posture, improve security maturity, and mitigate risks.
  • Aggressively but realistically help to eliminate technical debt that leads to security vulnerabilities.
  • Assist in performing risk assessments and developing remediation plans for identified risks.
  • Documents wiki, run books, and trains others to help operationalize and automate DevSecOps.
  • Works across engineering teams to prioritize flaws and with external entities to respond to security issues and concerns.
  • Continuously identifies areas needing improvement, creates action plans, and executes to implement changes in a timely manner

Experience/Requirement:
  • A bachelor's in computer science (or equivalent) degree with 5 years of documented information security work experience
  • Strong knowledge of NIST standards and the NIST Cybersecurity Framework.
  • Strong sense of project management, prioritization and ability to resolve or mitigate blockers.
  • A strong level of technical depth in the information security domain and is focused on driving metrics-driven results
  • Experience with complex SaaS and Corporate IT services environments
  • Expertise with administering security technology controls (firewalls, orchestration platforms, anti-malware, forensics, IAM, IDS, DLP, open-source, etc.)
  • Experience with security automation and technology and process integrations with CI/CD pipelines.
  • Experience managing security in DevOps and SaaS environments.
  • Experience with AWS and best practices for monitoring an IaaS environment
  • Experience working with a Corporate Cyber Security Team that declares the standards; your job is to implement and enforce them while also working in partnership to help improve the Corporate standards.
  • Familiarity with operating enterprise security technologies and establishing enterprise security processes.
  • Familiarity and experience with standards and compliance frameworks ISO, SANS, OWASP, NIST, SSAE SOC, ITIL, etc.
  • Development of detailed SecOps metrics and reporting for executive management.
Skills Required:
  • Windows/Linux/AWS sys admin
  • Ansible
  • OWASP Top 10/application security skills
  • Vulnerability management skills
  • Some development experiences
  • DevOps tooling experience with Jenkins
  • Experience using Static/Dynamic Analysis security scanners



Be a part of the ConsultNet difference. As a leading national provider of IT staffing and solutions, ConsultNet delivers exceptional services to startup, midmarket and Fortune 1000 companies across North America. Since 1996, we've partnered with clients to create rewarding opportunities for our consultants, successfully building teams that have surefire results.
In the past two years alone, we have placed more than 1,500 consultants in contract, contract-to-hire, or direct placement opportunities. We understand communication is key to finding the right job that matches your skills and career goals. For us, it's not just the work that we do; it's how we do the work. Our breadth of offerings extends to multiple IT positions in major markets throughout the country, see more at www.consultnet.com