Practice Lead, CyberSecurity for Top Small Firm
ImagineX Consulting is a rapidly growing consulting firm focusing on client business/software solutions, named one of the Top Small Firms to work for by Consulting Magazine. We are seeking a Practice Lead with a focus on Cyber Security. A successful candidate must have a technical background and be an experienced security practitioner, in addition to having multiple-project experience working with technical teams.
- Identify network, system and application security vulnerabilities through the use of scanning tools and notify the appropriate team to take necessary action (Qualys experience is a plus). This may include defining the security controls and parameters that will be measured. An understanding of current web application development languages is necessary to communicate compensating controls and potential remediation activities. Assist with network and application security penetration testing activities, including scheduling, resources, tool execution, and reporting. Independently, or through leading other staff, design, recommend, plan, develop and support implementation of project-specific security solutions to meet tactical, and control requirements. Develop reports using data that is hosted in multiple sources (e.g. spreadsheets, databases) and communicate clearly to clients and team members. Identify potential security exposures that may currently exist or may pose a potential future threat to client networks or systems. Report to clients when these exposures are identified, as well as a proposed solution for remediation. Work with clients to periodically review existing security device architecture and recommend potential updates or enhancements for group review. Monitor security blogs, articles, reports, as well as other sources to keep up to date on the latest security threats and trends. Report significant threats to management for analysis and action.
- College degree in Computer Information Systems, Computer Science, Security or equivalent experience required 5+ years of information security experience, preferably in the areas of application security, vulnerability scanning, or penetration testing. Experience leading Cyber teams/projects. Possession of current CISSP and/or ethical hacking certifications preferred. Familiar with and able to apply time-proven, generally-accepted security methods, concepts and techniques. Strong negotiation skills and ability to interact effectively with direct managers and staff in both technical and business roles. Able to defuse situations, work around defensive attitudes, and deal with diverse personalities to achieve assignment objectives Solid understanding of networking (WAN, LAN, wLAN), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security Ability to maintain awareness of local, national and international trends and developments in the area of security Ability to learn and retain new skills as required meeting a changing technical environment Ability to travel occasionally Ability to effectively network, participate in and lead matrixed teams, and develop key working relationships Good written and verbal communication skills, fluent English
**Ability to travel 50% or more a plus (+)