Lead Technical Security Auditor 12 plus years in San Jose CA( hybrid 4days/ week)

Hi There,

Hope you are doing well.

We are the global Information Technology Solutions provider offering IT services to Fortune 500 customers. We are constantly in a look for qualified resources to fulfil our client's requirements. Below is the job opportunity which might be suitable for you. Please go through the below job description and reply with your interest.

Position : Lead Technical Security Auditor(12 plus years)

Location : San Jose CA( hybrid 4days/ week)

A highly skilled and experienced Lead Technical Security Auditor with deep expertise in penetration testing, vulnerability scanning, and network security assessment. Possesses a strong understanding security auditing methodology. Committed to providing comprehensive and actionable security assessments to help organizations strengthen their defences.

Key Skills:

• Security Auditing: Expertise in conducting technical security audits across various systems, networks, and applications.
• Compliance Frameworks: Strong understanding of industry standards and regulatory requirements, such as ISO 27001, ISO LA 27001 certification, NIST, PCI DSS, and GDPR.RFP (Request for Proposal) and RFI (Request for Information)
• Penetration Testing: Expertise in conducting various types of penetration tests, including black box, grey box, and white box testing.
• Vulnerability Scanning: Advanced proficiency in using vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS) to identify security weaknesses.
• Network Scanning: Deep understanding of network scanning techniques and tools (e.g., Nmap, etc) for network discovery and vulnerability identification.
• Exploit Development: Knowledge of exploit development methodologies and techniques for identifying and exploiting vulnerabilities.
• Risk Assessment: Ability to assess and evaluate security risks and prioritize remediation efforts.
• Network Security: Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
• Operating Systems and Applications: Familiarity with various operating systems (Windows, Linux, macOS) and applications.
• Cloud Security: Experience with penetration testing and vulnerability scanning in cloud environments (e.g., AWS, Azure, Google Cloud Platform).
• Scripting and Automation: Proficiency in scripting languages (e.g., Python, PowerShell) for automating security testing tasks.
• Documentation and Reporting: Excellent documentation and reporting skills, with the ability to clearly communicate audit findings and recommendations.
• Communication and Collaboration: Strong communication, interpersonal, and collaboration skills. Ability to work effectively with technical and non-technical stakeholders.

Experience:

• Assisted in the development and implementation of security policies and procedures.
• Conducted numerous penetration tests and vulnerability assessments for various organizations, identifying critical vulnerabilities and security gaps.
• Worked with IT and security teams to remediate audit findings.
• Utilized a wide range of penetration testing tools and techniques to exploit vulnerabilities and assess security posture.
• Performed network scanning and analysis to identify network devices, and services.
• Developed and executed comprehensive penetration testing plans and reports.
• Provided expert guidance and training to clients on security best practices and remediation strategies.

Education:

• Bachelor's degree in computer science, Cybersecurity, or a related field.

Relevant industry certifications (e.g., OSCP, GPEN, GXPN, CISSP, CEH).

R