Job Description :
Hello,

Hope you''re doing well. My name is Dhananjay and I''m a member of the ICONMA Recruiting Team.

ICONMA is a global information consulting management firm providing Professional Staffing Services and Project-Based Solutions for organizations in a broad range of industries.

I am pleased to announce that we have received a new opening with our direct client and I believe you may be interested in hearing more about it.

Currently we are looking for a Information Security Engineer position in Johnston, IA

Information Security Engineer

Location: Johnston, IA
Duration: 5-6 months

Description:
Provides application development and support to partner in the planning, delivery and/or support of business processes utilizing information technology and business practices for strategic business units. Work is of medium to high complexity and moderate to high in risk. Has expanded contact with responsibility to varied and multiple departments and functional operations, and actively participates in strategic business relationships. Serves as a key team member which may include being on multiple teams and/or team lead. Participates in the review and formation of processes. May plan work and schedules for others for project related work. Impact of decision-making is medium to high risk and impact. Serves as a consultant or expert and actively shares knowledge across workgroups. Applies information analyses to optimize the integration of major strategic business processes. Designs and implements complex changes impacting several processes with minimal direction. Primarily performs as an individual contributor, but may supervise a small work team (6 or fewer members

Duties:
Lead the Identification, analysis and selection of complex information technology and business practices to support strategic business process/plans.
Participates as required to design, develop, test and integrate applications of high complexity.
Lead in the implementation of information technology and business processes of high complexity.
Supports, evaluates, and continuously improves information technology and business processes to maintain alignment with business plans of medium-high complexity and medium-high risk.
Leads the development and may manage a project plan and schedule for a given functional area.
Acquires solid foundation of project management.
Engages in expanded contact with varied and multiple departments and functional operations; actively participating in strategic business relationships and/or issues.

Key Responsibilities Include:
Provide the technical leadership and partner with architecture, data, application and infrastructure areas to interpret security standards and derive appropriate solutions to manage risk and maintain compliance.
Identify and support the remediation of security vulnerabilities in applications, databases, middleware, operating systems, and networks. Execute a variety of methods to identify vulnerabilities, including but not limited to scanning tools, automation tools, and data analysis.
Partner with delivery teams across IT to ensure ideal security configurations for operating systems, networks, databases, middleware, etc., including participation in the development of hardening standards for cloud adoption and the application of secure coding standards to ensure confidentiality of client information and compliance with applicable standards and controls.
Define the appropriate security controls that should be implemented into Business as Usual activities and provide security consulting services to IT teams to ensure controls are appropriately implemented.
Drive continuous improvement in the vulnerability management process by preventing vulnerabilities from being deployed to production; examples include reviewing tools and processes such as configuration management, change management, and patch management; providing input into standards and policies; and performing retrospectives.
Keep current with industry trends and enterprise initiatives, to ensure that our Information Security program capabilities evolve with emerging threats, new technology capabilities, and business needs.

Required Skills and Experience:
5-7 years of experience in Information Security focusing on security solution design, engineering, implementation and assurance.
3-5 years of experience defining and managing the implementation of controls to address access security and IT control requirements.
3-5 years of experience working with Information Security and IT general controls, including experience defining and documenting controls using COBIT 4.1 or 5.0, the NIST Cybersecurity Framework, the ISO 27k framework, the SANS 20 critical controls or similar experience.
Deep understanding of Information Security technologies including firewalls, IDS/IPS, Password Vaults, CASBs, SIEM, IT GRC, DLP, etc.
Strong people leadership skills and ability to influence without direct authority.
Understanding of the regulatory environment and experience with regulators.
Strong written and verbal communication.
Comfort delivering tasks and assignments in an evolving and a maturing environment.

Preferred Skills and Experience:
Application security experience and corresponding technologies (e.g. Jenkins
Experience with the FFIEC Cyber Security Assessment Tool.
Applicable certifications (e.g. CISSP, CISA, CISM, CGEIT, CRISC

Important Notes:
This is for client information Security & Financial management
Looking for a traditional Security Engineer with Implementation skills and engaging and execution of solutions
Primarily looking for DevOps background experience who has ability to act as bridge between application development team and Security
Need someone with strong in Jenkins, GitHub and Cloud experience
Looking for someone with Cloud, DevOps and Security and Able to build relationships with BA, QA, and Development team
Someone with strong in NIST or COBIT and ISO 27K and CASB is good to have
             

Similar Jobs you may be interested in ..