About the job
SummaryBy Outscal
This is a 3-month Contract to Hire role as a Security Consultant for a Digital Product Engineering company. You will manage security and compliance initiatives, coordinate audits, and oversee remediation efforts. Must have experience with cybersecurity principles, vulnerability management, and IT service continuity management.
We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at scale β across all devices and digital mediums, and our people exist everywhere in the world (18000+ experts across 37 countries, to be exact). Our work culture is dynamic and non-hierarchical. We are looking for great new colleagues. That is where you come in
- This is a 3 month Contract to Hire role, not open for vendor Support.
- This is a hybrid position, based in Sandy Springs, GA.
We are seeking a Security Consultant to support our client's Data & Technology product domain. This role involves managing security and compliance initiatives, coordinating audits, and overseeing remediation efforts. The ideal candidate will have a strong understanding of cybersecurity practices, vulnerability management, and IT service continuity management.
Key Responsibilities:
- Security & Compliance Tracking and Coordination:
- Support the tracking and coordination of security and compliance topics, ensuring all necessary actions are followed through.
- Audit Coordination and Management:
- Act as the primary contact for internal and external audit requirements related to the client's Data & Technology domain.
- Coordinate all audit activities, including collecting evidence, preparing for audit sessions, and responding to audit inquiries.
- Manage the review of audit findings, ensuring that appropriate solutions are developed and implemented.
- Vulnerability Management:
- Coordinate the remediation of security vulnerabilities, such as those identified in Log4j or from Qualys scans, working closely with infrastructure and development teams.
- Ensure that remediation efforts are properly tracked and completed according to security policies.
- Cyber Resiliency and Security Reporting:
- Collect relevant data and prepare reports on cyber resiliency, detailing vulnerabilities, security risks, and action plans.
- Manage security problem management and reporting, ensuring all security issues are addressed promptly and effectively.
- Penetration Testing and Security Assessments:
- Oversee Security Profile (SP) and Enhanced Penetration Assessment (EPA) tests to ensure application security.
- Perform source code analysis (SCAS) to identify and resolve potential security risks within the codebase.
- Security and Compliance Policy Management:
- Ensure compliance with local security policies, data deletion protocols, and management reporting requirements.
- Implement and track Multi-Factor Authentication (MFA) services across all relevant systems.
- IT Service Continuity Management (ITSCM):
- Oversee IT service continuity management, ensuring AR (action recovery) plans are documented and stored appropriately for business continuity purposes.
- Audit Remediation and Compliance Tracking:
- Track audit remediation efforts and monitor future compliance to avoid recurring issues.
- Security Policy and Update Management:
- Ensure that all security policies and updates are communicated effectively to application teams and are adhered to across the organization.
- 5 years +Proven experience in security and compliance coordination, particularly in managing audits and remediation efforts.
- Strong understanding of cybersecurity principles, vulnerability management, and IT service continuity management (ITSCM).
- Experience with security tools such as Qualys, MFA implementations, and penetration testing processes.
- Ability to collaborate with cross-functional teams, including infrastructure and development teams, to address security vulnerabilities.
- Excellent communication and project management skills to coordinate audit activities, vulnerability remediation, and reporting.
- Familiarity with data deletion and reporting compliance, local security policies, and security problem management.
This role requires a proactive individual who can manage multiple security and compliance initiatives, ensure audit readiness, and drive remediation efforts to meet the client's security standards.