Title: Cyber Security Advisor (application security)
Location: Collierville, TN
Type: 6-month Contract for Hire
Start Date: ASAP
- The Cyber Security Analyst will act as the primary liaison between the client's Logistics IT and the client's Information Security organization
- The individual will actively participate in regular engagements with the client's Information Security in order to drive understanding and compliance of InfoSec standards and requirements back into the client's Logistics IT organization
- In addition, they will provide local subject matter expertise to ensure clear communications and deep understanding of Information Security architecture.
- Validate that secure coding methods are embedded into the software development process to ensure code released to production is adequately protected.
- Perform SAST and DAST and work closely with application development to remediate vulnerabilities.
- Perform security scanning and penetration testing, vulnerability assessment and remediation.
- Administer and support the enterprise vulnerability scanning systems
- Map specific security gaps/flaws back to a risk level and articulate appropriate risk mitigation strategy.
- Assist in driving effective and defensible security design for operational systems including firewall design, two-factor authentication, role-based access, logging and monitoring.
- Drive compliance/adherence of design back to reference architecture and information security standards.
- Understand patching and server-hardening approaches in industry, assist in enhancement of the client's standard practices. Drive short and medium-term planning to adhere to patching and hardening standards.
- Understand Fraud Techniques and mitigating controls.
- Deliver Data Protection Options including Data Loss Prevention and Encryption strategy for systems and applications.
- Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (e.g., GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, SOC2).
- Bachelor's degree in computer science, information systems or related field
- Eight (8) years of relevant experience
- Five (5+) years of experience in IT information security
- Strong technical and consulting skills
- Project management capability
- Experience with security and risk frameworks, standards and best practices
- Strong communication skills
- Able to present effectively to executive level in both business and IT terms