Security Risk Advisor || 100% Remote at Remote, Remote, USA |
Email: [email protected] |
From: Shubham, USC Group [email protected] Reply to: [email protected] Position: Security Risk Advisor Location: 100% Remote Visa: Only USC, GC, GC-EAD, H4-EAD, H1B and Strong OPT-EAD Duration: Long Terms Contract (12+ Months) Required skills: Candidates that have experience with, but not all: Dev sec ops Application security Cloud computing/security (Azure & GCP) Risk management (GRC) Vulnerability management Someone who maybe has been a developer and wants to get into security would be a great profile to go off of, but not a must Skills and Experience Experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP). At least 5-7+ years experience in information security administration, vulnerability management or security operations. Proficient with vulnerability management solutions such as Qualys, Nexpose, Nessus, Kenna Security, Tanium and open source. Experience stabilizing systems to run minimal application requirements, least privilege and additional host hardening. Understanding of Windows and *nix operating systems, endpoint applications, networking protocols and devices. Preferably some experience with vulnerability management across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP). Experience conducting organization-wide vulnerability scanning and remediation processes. Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface. Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO). Capable of scripting in Python, Bash, Perl or PowerShell. Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle. Certification Requirements Preferably, one or more of the following: GCED, GCCC, GPEN, GCIH, CISSP or CRISC. Keywords: golang green card |
[email protected] View all |
Wed Sep 13 18:30:00 UTC 2023 |