Overview
Remote
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 6 month(s)
Skills
IT Security
Computer Science
Management Information Systems
Information Technology
Information Security
Firewall
Intrusion Detection
Encryption
OSINT
Cloud Computing
FOCUS
SIEM
Snow Flake Schema
Splunk
Open Source
EnCase
SIFT
Writing
Policies and Procedures
Analytical Skill
Problem Solving
Conflict Resolution
Management
Access Control
Authentication
Authorization
Privacy
Internet
Network Protocols
Network
Network Security
System Security
Risk Analysis
Risk Management
Scripting
Incident Management
Communication
Documentation
Recovery
Legal
IT Service Management
Regulatory Compliance
ISO/IEC 27001:2005
NIST 800-53
PCI DSS
Job Details
Title: IT Security Manager
Location: Remote
Bachelor's Degree in Computer Science/MIS or equivalent experience
7+ years of total experience in Information Technology
3+ years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices
2+ years in an information security incident handling role
Strong understanding of network protocols and security technologies, including firewalls, intrusion detection systems, and encryption.
Experience with open-source intelligence (OSINT) tools and techniques.
Experience with cloud and physical forensic investigations, delivering executive reports
Knowledge of red team/blue team exercises and experience participating in such exercises.
Technical understanding of incident response frameworks and methodologies with a focus on automation.
Experience with Intel, SIEM, and SOAR platforms, such as ThreatConnect/MISP, Snowflake/Splunk, and Swimlane/Demisto
Expertise with commercial and open-source digital forensic toolsets such as EnCase, AccessData, SIFT, Axiom
Flexible working hours to support a global operation
Required Interpersonal Skills
Experience engaging with executive level individuals during the conduct of incident response
Excellent oral and written communication ability
Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing
Diplomacy in working with customers and stakeholders
Ability to follow policy and procedure
Ability to work in a team and at times perform under stress
Demonstrate integrity in dealing with potentially sensitive data and restricted information
Exceptionally self-motivated with superior analytical, evaluative, and problem-solving abilities
Ability to set and manage priorities judiciously
Required Technical Skills
Knowledge of basic security principles to include confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation
Understanding of security vulnerabilities and exposures, and from where they arise
Familiarity with the Internet, its network protocols, and network applications and services
Knowledge of network security issues and host/system security issues
Understanding of malicious code of various types and various threat vectors
Experience with Risk Analysis and Risk Management
Basic understanding of programming and scripting, advanced knowledge a plus
Required Incident Handling Skills
Through good communication and documentation, presents a consistent front to customers and stakeholders
Ability to synthesize data from technical skills listed above to understand and identify intruder techniques
Ability to utilize interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution
Demonstrated ability to analyze ongoing situations for the potential of a security incident
Ability to maintain incident records in support of recovery, regulatory and legal requirements
Familiar with ITIL service management methodology.
Prior experience in a 24x7x365 operations environment.
Strong technical skills in security assessments of external service providers, providing security guidance, and participating in mock security breach exercises
Experience with GDPR and GDPR compliance implementations
Experience and/or SME knowledge of ISO 27001, NIST 800-53, NIST CSF and PCI DSS.