Education: BA/BS
Clearance: TS
Industry: Information Technology (Computers)
Job Type: Professional
Experience Level: Mid Level (6-10 years)
Job Responsibilities:
Auditor will be a member of the Blue Team conducting the full life cycle of a security audit.
Perform system reviews to ensure group-level policies are working within compliance.
Will be responsible for conducting automated and manual vulnerability testing on major applications and network infrastructures.
Auditor will brief the customer, conduct the full audit process including technical security, physical security and computer user security.
Auditor will out brief the customer and write audit reports.
Auditor will be responsible for conducting all security testing, analyzing the results of the testing, and developing a comprehensive audit report documenting all findings based on level of risk.
Auditor should have experience auditing network devices, application servers, web applications and public facing websites.
Implement components of audit and assist in development of a technical audit program.
Will involve approximately 25% travel to customer sites to perform security audits.
Requirements:
Responsibilities in developing, implementing and execution of a robust technical audit program.
Must possess 5+ years experience with vulnerability assessments/scanning tools and networking.
Linux and wireless security experience are preferable.
Should possess experience doing network and database security scanning.
Should have operational experience with automated vulnerability assessment tools including, but not limited to, ISS, nessus, nmap, MBSA, Foundstone, WebInspect, AppDetective, MBSA, etc.
Requires 5 years of related security experience.
It is preferred that this person be a current Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), or similar security professional certifications
Strong communication, interpersonal and client-facing skills required.
|
