Info Security Sr Advisor

Description SHIFT: Day Job

• Work cross-functionally to integrate vulnerability management capabilities and practices throughout the System Development Lifecycle
• Provide Subject Matter Expertise on vulnerability risk, remediation, and mitigating actions
• Identify known vulnerabilities and configuration baseline standard deviations in our environment by operating our vulnerability management platform
• Provide mentorship and oversight for junior staff in the execution of key vulnerability management processes
• Perform risk assessment of vulnerabilities by correlating data from various sources

• Identify known vulnerabilities and configuration baseline standard deviations in our environment by operating our vulnerability management platform
• Track vulnerabilities from identification through to remediation using ticketing systems
• Perform risk assessment of vulnerabilities by correlating data from various sources

• BS/BA in related field
• 8+ years' experience in systems administration and security aspects of information systems, computer networking, telecommunications, systems development, and management.
• Demonstrable Experience communicating complex concepts to varied audiences.
• Technical experience discovering, remediating, and validating system issues.
• Demonstrable Experience analyzing data and producing concise informative reports, with precision and attention to detail
• Experience working with IT standards such as PCI-DSS, HIPPA or others.

• Scripting experience with common programming and query languages (e.g., Python, R, SQL, Java etc.)
• Experience with data analysis and visualization tools (e.g., Tableau, Power BI etc.)
• Experience with common vulnerability technologies such as Qualys, Tenable, Rapid7, Guardium and Tanium.

• BS/BA Degree

• 5 - 8 years' experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, or hardware/software support.
• any combination of education and experience, which would provide an equivalent background.
• Working knowledge and understanding of industry-accepted data processing controls and concepts as applied to hardware, software, data, network communications, and people.

• Significant experience with multiple technical and business disciplines.
• Security Certifications: CISSP preferred or other technical security certifications (e.g., Systems Security Certified Practitioner, Certification and Accreditation Professional).

• 2+ years of work experience in Information Security, understanding of software and network security
• Technical experience discovering, validating, and remediating network and software vulnerabilities
• Experience analyzing data and producing informative reports, with precision and attention to detail
• Experience and familiarity with IT industry and standards audit is preferred. (E.g., HIPAA, SOC II, PCI etc.)
• Scripting experience with common programming and query languages (e.g., Python, R, SQL, Java etc.)
• Experience with data analysis and visualization tools (e.g., Tableau, PowerBI etc.)
• Experience with common vulnerability technologies such as Qualys, Tenable, Rapid7 and Tanium.