Security Consultant

ProArch is an IT consulting and services organization that specializes in cybersecurity, compliance, cloud, data, and application development. We work with businesses all over the world to reach their goals. Basically, we use technology to help businesses grow. Cool, right?

We’re a global company with offices in 3 countries and 350 employees (or, as we like to call ourselves, ProArchians) around the globe, we strive to stay true to our roots: trust, accountability, creativity, community, and collaboration.

Our culture underpins everything we do. In fact, we’re a Certified Great Place to Work. We’re looking for people who share our values, have passion for technology, and will make an impact on our clients’ lives and our communities.

So, here’s a bit about what it’s like to work at ProArch:

• Focus on learning. Our team has an exceptionally wide breadth of expertise across the IT spectrum. You will learn about other areas of the industry by being immersed with our technology experts.
• We embrace change. We believe that when creativity is fused with technology in just the right way, amazing things can happen. World-changing things. We foster a creative and collaborative environment for employees and their teams.

If you're excited by the thought of working for a company like that, we want to hear from you!

Job Description

ProArch is an IT services and consulting company with offices in Syracuse, Rochester, and Buffalo New York. Our business is growing and to serve our customers in the best possible manner, ProArch is looking to hire highly qualified, motivated, hard-working professionals.

A Security Consultant is a client-focused position that works with ProArch customers to maintain a comprehensive security program. Security Consultants will leverage ProArch’s security tools to detect and prevent cyber threats to ProArch’s customers. Additionally, responsibilities include implementation, monitoring security controls, and incident response. The Security Consultant will be part of a select group of industry recognized experts who work on unique security solutions associated with next generation technologies and emerging security threats. Ongoing training and professional certifications are part of the job requirements.

Requirements

Security Consultant

Skill Sets Required

• Ability to analyze and create remediation strategies for vulnerability management programs, security architecture reviews, penetration testing, web application security reviews, and wireless security assessments.
• Experience in analyzing and creating remediation strategies for vulnerability management programs, security architecture reviews, penetration testing, web application security reviews, and wireless security assessments.
• Experience analyzing and creating firewall policy rules.
• Experience developing security analysis documentation and recommended remediation actions.
• Experience analyzing network topologies, security architectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
• Deep understanding of networking protocols including (e.g., TCP/IP, SNMP, DNS).
• Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.
• Technical engineering capabilities that include Windows Servers and other common server platforms such as VMware, Active Directory, File, IIS, SQL, SCCM, WSUS, and others.
• Experience using Microsoft 365 security controls and technology. Implement and maintain security solutions, tools, and IT Policies and standards.
• Proficiency in using various security tools, but not limited to, Qualys, Metasploit, Nipper, Kali, etc.
• Familiarity with industry standards such as PCI DSS, NY DFS, HIPAA\HiTech\HiTrust, DFARS, NIST SP-800 series, CIS Critical Security Controls, OWASP.
• Knowledge of the Eight Information Security domains in ISC2 CBK.
• Takes ownership of the project, tasks, and client deliverables.

Requirements

• Proven collaborator.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Ability to prioritize effectively and handle shifting priorities professionally.
• Exemplary written and verbal communication skills.
• Produce and review reports to support project deliverables.
• Analyze technical results from security assessments, vulnerability scanning, and monitoring systems.
• Ongoing training and professional certifications are part of the job requirements.
• Create clearly stated remediation recommendations based on industry best practice.
• Successfully interface with clients, both internally and externally.
• Document and explain technical details in concise and clear manner.
• Manage personal schedule and project tasks.
• Provide weekly time accounting and monthly expense reports.
• Be a member of the ProArch Incident Response Team.
• Travel within upstate NY and occasionally out of state, as required.

Education and Certification

3-7 years of experience within an Information Security department or organization. BS Computer Science/Engineering or significant demonstratable experience in network security. Certifications such as CISSP, CISM, and CISA are desirable but not required.

Benefits

Pro Arch offers a competitive salary plus the following benefits:

• Health insurance coverage with Vision and Dental options
• Mileage and business expense reimbursement
• 401k plan
• Paid holidays and vacation