Job discipline: Infrastructure
Job type: Contract (Consulting)
Location: Morristown, NJ
Sr. Cybersecurity Analyst
The primary role of a Security Consultant is to support Information Security and Technology Risk (ISTR) by providing security consulting and advisory services to internal customers and project teams. The Security Consultant must be able to understand business/technical requirements and be able to identify, document, and prioritize security-related requirements to promote secure system designs and facilitate delivery of information security services throughout the system development life cycle. The Security Consultant will also be expected to identify and propose solutions that effectively balance the business benefit with the security risk and be able to clearly articulate these solutions to both project teams as well as other information security teams to provide awareness of upcoming business initiatives. The individual must also perform high level security assessments of information systems and infrastructure, escalate critical technical or risk decisions when necessary, and partner with other information security resources to aid in the delivery of secure enterprise solutions.
Primary responsibilities will include the following: * Define and provide pragmatic security guidance and recommendations that balance business benefit and security risk * Work and communicate effectively with technical teams and project managers * Participate in project work groups as needed for technical consulting * Enhance workflow processes for project engagement, requirements gathering, documentation and communication * Collaborate with other security subject matter experts to identify and implement appropriate security controls * Identify changes in business strategy to assess potential impact to the Information Security program * Provide formal knowledge and information sharing to other ISTR teams * Mentor other team members to ensure consistent delivery of high quality results
Experience / Skills Required:
* Minimum 5 years of Information Security architecture or technical security experience * Familiarity with many different/disparate network architectures, network services, system types, development platforms and software suites (e.g. Linux/AIX, Windows, Cisco, Oracle, Websphere, Hadoop, Teradata, etc.) required * Familiarity with various security concepts and technologies including firewalls, VPN, IDS/IPS, anti-malware, encryption algorithms, SIEM, authentication/authorization (e.g. Kerberos, SAML, OAuth, PKI, etc.) * Strong Understanding of IT Security Best Practices * Excellent writing, verbal communication, and presentation skills required * Ability to convey complex technical security concepts to technical and non-technical audiences * Self-directed, works with minimal guidance, and recognizes when guidance or escalation is needed * Demonstrated integrity in a professional environment * Strong judgment and analytical ability * Ability to work effectively with internal customers, management, and staff members to articulate findings and recommendations * Ability to balance multiple projects simultaneously and ability to take on large and complex projects with little or no supervision required * Bachelor’s Degree or equivalent work experience * CISSP or other equivalent professional certifications preferred Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.