Description
The ideal candidate will have a security mindset and the ability to think outside the box, contributing to a team of highly motivated and skilled information security practitioners. As a Security Consultant, the main goal is to balance both security and business imperatives using a risk based approach. This individual will conduct information security assessments and provide security consulting and advisory in one or more of the following fields: application, network and platform security. Main responsibilities include assessing the security posture of existing environments, identifying risks, recommend remediation plans and ensure internal projects are deployed in a secure fashion. Candidate should be well-rounded and have knowledge in all information security domains. This includes knowledge about threats, attack techniques, vulnerabilities, and penetration testing.
The candidate will represent Information Security in the assessment as well as research, development and implementation of technologies, techniques, and process improvements pertaining to initiatives that require information security guidance. The role, therefore, requires the ability to strategize and architect security solutions to help remediate deficiencies. Our clients are Kaiser Permanente's various portfolios such as Health Plan, Care Delivery, and Corporate Services, just to name a few. The candidate will also have close working relationship with both IT and the Business. This means that the candidate will be working directly with project personnel as well as business management teams. Therefore, the ability to speak in both technical and business terms is crucial; meaning as subject matter expert, the candidate should be able to articulate information security requirements and risks in business language.
General Requirements
- Excellent analytical skills to complement strong written and verbal communication skills.
- Excellent interpersonal, motivational, organizational, persuasive and project management skills.
- Team player and ability to multitask given different types of initiatives.
- Proven ability to work effectively with management, staff, vendors, and external consultants
- Proven ability to communicate technical issues to technical and non-technical business area representatives.
- Understanding of security risk assessment methodologies. Ability to assess both technical and business risks as it pertains to information security. Be able to articulate risk in a manner that can be understood by non-technical audience.
- Good understanding of regulatory climate and industry standards such as SOX, HIPAA and PCI respectively.
Qualifications
Basic Qualifications:
- Bachelors Degree in Information Systems, Computer Science, Engineering, Mathematics or additional 4 years of equivalent work experience
- 8 or more years of hands on experience in two or more of the following: application security or platform/OS security in engineering, architecture or consulting capacity.
- Formal training and general certification in the security field, both vendor agnostic and vendor specific (such as CCIE, CISA, CISSP, GIAC)
Preferred Qualifications:
- Prefer consulting background.
To apply visit: https://kp.taleo.net/careersection/external/moresearch.ftl?lang=en and search for Job Number: 145500