Security Consultant
Austin, TX, United States
Job Title: Security Consultant
Work Location: Austin, TX
Position Type: Contract with possible extension
Duration: 12 + Months
Job Description:
This candidate will be expected to have a solid foundation in managing information security policies, have strong analytical and presentation skills, work experience in a global company, leading and managing global teams. The selected candidate will play a critical role in coordination and project management between various groups. This selected candidate will also help create corporate strategy, review policy, procedures, and training related to managing enterprise risk such as intellectual property protection, and information governance.
Key Responsibilities:
Strong application security background with a focus on providing security guidance to development and application teams.
Experience with threat modeling, security design reviews, security architecture, pen testing and proactive security assessments.
Experience in reviewing and developing Security Architectures and identifying security risks/gaps as well as mitigation strategies
Proven ability to provide Security Requirements for areas including but not limited to; Cloud Computing, Application Development, identity and access management, and Infrastructure design and standards
Knowledge of securing technologies such as, but not limited to; SaaS services (i.e., O365, Salesforce), Application Design, Container Platforms (ie. Docker, Kubernetes), APIs, Serverless,
Knowledge of SDLC (Waterfall/Agile), DevSecOps, and good understanding of the ITIL Framework
Provide guidance for security control validation for team members.
Drive continuous improvement of security control validation processes & procedures
Identify opportunities for automation where possible to enhance security and drive implementation of technology that creates value for the organization
Proven ability to understand large complex integrated solutions and provide the security needed between systems
Partner with various stake holder groups to promote and build a culture of security and implement/enhance controls accordingly
Monitor internal and external threat landscape to update strategy and intellectual property protection program roadmap
Work with a global team to help implement and monitor security controls to proactively identify risk issues and ensure adequate security solutions are in place throughout all systems
Establishes control-related process/procedures and while working towards building relevant security metrics and dashboards
Identifies potential threats and subsequent remediation of vulnerabilities in the environment
Review and update policies and provide training as needed to internal & external audience
Provide periodic reports to management team and key stakeholders
Qualifications:
Bachelor's degree in Information Technology or related field
6-8 years of relevant information security experience
Prior experience in partnering with cross-functional teams to deliver impactful security initiatives
Prior experience with threat modeling, security design reviews, and security architectural concepts
Expertise across common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST, including 800-53 and Cybersecurity Framework is preferred
Any recognized security certifications, e.g., CISSP, CISA, CISM etc.
Working experience in a global company is preferred
Strong interpersonal, writing, and communication skills; ability to clearly articulate and visually present complex advice to managers at all levels
Excellent analytical and critical thinking skills
Ability to manage multiple projects with team members from various business units/functions and countries
Ability to work both independently and work within a team to analyze complex business problems and recommend solutions
Ability to travel periodically
#J-18808-Ljbffr