Senior Consultant

United States

Coalfire

Coalfire is the cybersecurity advisor that combines extensive cloud expertise, technology, and innovative approaches to help clients develop scalable…

Duties

  • Assess the security and compliance of client firms against industry best practices and various regulatory standards, including Payment Card Industry Data Security Standard (PCI DSS), HIPAA, HITRUST, and SOC. Conduct gap analysis and information security compliance assessments related to multiple information security frameworks such as PCI DSS, OWASP, and NIST Cybersecurity Frameworks to manage cybersecurity-related risk; prepare professional technical reports that include detailed assessment observations and evaluations of the Information Technology (IT) environments, including servers, virtual machines, DMZ design, TCP/IP protocols, NTP settings, etc. 
  • Evaluate network security technologies such as firewalls, routers, switches, and load balancers to ensure encrypted data transmissions for compliance with industry best-practice configuration standards such as CIS or NIST. Analyze security configuration script output results from network devices (firewalls, routers) and server operating systems (Windows, Linux, Unix) and provide recommendations to fix misconfigurations and policy violations identified with industry security standards.
  • Analyze penetration testing and vulnerability scan reports from security control assessments to ensure that all vulnerabilities labeled with High/Medium CVSS severity are remediated. Evaluate security hardening standards for system components and operating system types for conformance with industry-accepted system hardening standards, such as NIST and CIS benchmarks, and address known security vulnerabilities.
  • Evaluate the security configuration of computing platforms (e.g. cloud computing services on Amazon Web Services, Google Cloud, Microsoft Azure) and virtualization technologies to include VMware and Hyper-V.  Examine and analyze network and data flow diagrams, information security policies/processes, vulnerability management processes, and risk assessments for information security compliance.
  • Analyze incident response plans and procedures to be implemented in the event of system security breaches. Research the latest information technology (IT) security trends, such as encryption algorithms, anti-malware mechanisms, and system firewalls for protection of sensitive data.
  • Provide mentorship to team members on information security best practices and build security awareness posture to ensure high-quality products for our customers.
  • Establish and maintain positive collaboration with business customers and provide security enhancements upon issues pertaining to the information security of the organization.

Requirements

  • Master of Science in Computer Science, Software Engineering, or closely related field.
  • Education and/or experience must include theoretical and/or knowledge of: Information security & compliance frameworks; Technical security & systems and/or network administration, including Operating System(s) security configuration, Switches, Routers, Wireless (Wi-Fi), Firewalls, IDS/IPS, Mobile Devices; information & systems security principles & concepts including Threat & Vulnerability Assessment, Penetration Testing, Security Frameworks, Cryptographic protocols & Data Encryption; network infrastructure & network and dataflow diagrams; configuration management technologies deployments; Cloud security including cloud-based infrastructure & virtualization technologies; Software Development Life Cycle & secure coding guidelines; database management system software; data encryption algorithms & protocols; Identity & Access Management (IAM) methodologies, access management & authentication mechanisms; network packet capture analysis & networking monitoring tools.
  • Position also requires at least two industry certifications such as QSA, CISM, CISA, (ISC), or CISSP. Position is eligible to telecommute 100% of work schedule.
  • Travel requirement of up to 20% of work schedule.
Apply here or send Cover Letter/Resume to V. Parker – Coalfire Systems, Inc., 8480 E Orchard Rd, Ste 5800, Greenwood Village, CO 80111 or email HumanresourcesMB@coalfire.com; applications must reference job #10100RM.

Tags: Azure CISA CISM CISSP Cloud Compliance Computer Science CVSS Encryption Firewalls GCP HIPAA HITRUST Hyper-V IAM IDS Incident response IPS Linux Malware Monitoring Network security NIST OWASP PCI DSS Pentesting Risk assessment SDLC SOC TCP/IP UNIX VMware Vulnerabilities Vulnerability management Windows

Region: North America
Country: United States
Category: Consulting Jobs