Information Security Consultant (CISA/CISSP) with IDS/IPS, SIEM, OWASP, PCI-DSS and NIST experience (CISSP, GSEC, GIAC, CEH, Security+, GSLC, CISA, CISM, GISP, GSLC certification)

IN001854

Information Security Consultant (CISA/CISSP) with IDS/IPS, SIEM, OWASP, PCI-DSS and NIST experience (CISSP, GSEC, GIAC, CEH, Security+, GSLC, CISA, CISM, GISP, GSLC certification)

Location:   New Hope Center (NHC)

Duration: 1 year

Positions: 1

 

The Department of Transportation is seeking a short-term (estimated at 2080 hours, not to exceed 12 months) contractor to implement and maintain security within the NCDOT environments, perform vulnerability and risk assessments, develop information security policies, standards and procedures (PSPs), and assist in training employees. Contractor will help implement and monitor environments using IDS/IPS, SIEM, employee awareness training, anti-virus, monitor security events, and use network packet anaylzers and other technologies.

Required:

The candidate must be a skilled information security professional with advanced knowledge and direct experience developing information security policies, standards and procedures for large organizations.

 

Knowledge, Skills, and Abilities Requirements:

• Minimum of two (2) years of experience working with IDS/IPS/SIEM technologies.

• BA or BS in Computer Science, Management Information Systems, or equivalent experience. Three+ years of progressive experience in computing and information security, including experience with Internet technology and security issues.

• Experience with security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls & Log Analysis, Security Information and Event Management (SIEM), Network Behavior Analysis tools, Antivirus, and Network Packet Analyzers, Security Systems Manager, and malware analysis. 

• Knowledge of the TCP and IP protocol suite, security architecture, and remote access security techniques and products.

• Analyze and review security events until closure; this includes investigating and recommending appropriate corrective actions.

• Conduct internal vulnerability assessments and scheduling of third party external scans 

• Manage and maintain user security awareness. 

• Hands-on implementation of security devices and applications to monitor and review network, servers, and applications.

• Perform additional common information security duties as assigned.

• Demonstrate ability to manage time, milestones and be self-directed

• Must have excellent communication skills (written and verbal) and have the ability to communicate with all levels of staff and management

• Knowledge of regulatory compliance including: OWASP, PCI-DSS, and NIST.

Preferred:

• CISSP, GSEC, GIAC, CEH, Security+ or related certification preferred.

• GSLC, CISA, CISM, GISP, GSLC certifications

Posted via email from innoSoul's posterous