Senior Consultant, Security Program Management
Full time permanent position
$80-$95K plus bonus
The Senior Consultant has primary responsibility for direct supervision of Consultants in developing and executing information security project work plans. The Senior Consultant has direct, client-facing engagement responsibilities. Serving as both role model and trainer, the Senior Consultant demonstrates the attributes of excellent client service and assists team members in developing technical and professional competency. The Senior Consultant learns to identify areas of IT risk in the client environment and opportunities to help them to improve information security, and business processes.
Qualifications:
-Ability to Travel ~40%-50% (Travel throughout the month frequently required based on client requests/commitments).
- Bachelor's degree in relevant discipline (eg MIS, CIS). Required minimum GPA 3.0.
-3+ years in a related field, preferably in professional services and/or industry.
-Professional Certification such as CISSP, CISM, GSEC, GIAC, CEH, CPT are strongly preferred.
-Proficiency in utilization of information security tools such as Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect and Nikto, and manual techniques to exploit vulnerabilities in the OWASP top 10 including but not limited to cross-site Scripting, SQL injections, session hi-jacking and buffer overflows to obtain controlled access to target systems.
-Ability to perform network traffic forensic analysis, utilizing packet capturing software, to isolate malicious network behavior, inappropriate network use or identification of insecure network protocols.
-3+ years hands on experience in one or more of the following Operating Systems: Windows Server 2003/2000/NT, Linux and UNIX.
-3+ years practical experience in TCP/IP Networking.
-A diverse skill base in both Information Systems and Information Security which address organizational structure and administration practices, system development and maintenance procedures, system software and hardware controls, security and access controls, computer operations, environmental protection and detection, and backup and recovery procedures.
-Attack and Penetration experience in testing of Internet infrastructure and Web-based applications utilizing manual and automated tools.
-Knowledge of information system architecture and security controls (ie Firewall and border Router configurations, operating systems configurations, wireless architectures, databases, specialized appliances and information security policies and procedures).
-Prior project management and supervisory skills ideal.
-Ability to work in a team environment and foster client relationships.
-Understanding of the importance of business ethics.
-Sound job administration skills.
-Above-average written and verbal communication skills, including documentation of findings and recommendations.
-Analytical skills.
-Ability to handle highly confidential information in a strictly professional manner.
-Ability to maintain professional demeanor in times of high stress.
-Apply understanding of business processes and technical skills to successful completion of projects.
-Develop understanding of project requirements and client's business.
Jobs, Senior Consultant, Security Program Management, Information Security, Consulting, CISSP, CISM, GSEC, GIAC, CEH, CPT, Nessus, Kismet, Airsnort, NMAP, Ethereal, WebInspect, Nikto