Information Security Consultant
Rook Consulting - Indianapolis, IN

This job posting is no longer available on Indeed. Find similar jobs: Information Security Consultant jobs - Rook Consulting jobs

Rook Consulting,, is looking for a Information Security Consultant to join our downtown Indianapolis office. The ideal candidates will have an open mind, bring a fresh perspective to the Rook team and be passionate about protecting, defending and responding to information security related events.

As an IS Consultant, you will be responsible for providing security guidance to IT project teams responsible for delivering business solutions. The Information Security Consultant will provide security guidance, identify and prioritize security-related requirements, promote secure-by-default designs and facilitate delivery of information security services. The Information Security Consultant will also be expected to perform risk assessments of information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams and management. The Information Security Consultant will be expected to work on multiple projects and tasks concurrently.

Responsibilities include but are not limited to:

  • Define and provide pragmatic security guidance that balance business benefit and risks.
  • Engage IT teams throughout projects to identify and prioritize applicable security controls and provide guidance on how to implement these controls
  • Perform risk assessments of information systems and infrastructure
  • Maintain and enhance the Information Security risk assessment methodology
  • Define security configuration standards for platforms and technologies
  • Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
  • Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders
  • Provide knowledge sharing and technical assistance to other team members
  • Act as Subject Matter Expert (SME) in responsible technologies and have deep technical understanding of responsible portfolios

Required Skills:

  • Bachelor’s Degree in Information Security or related field; or 3-5 years experience as an Information Security Specialist/Consultant
  • Candidates are preferred to hold or be actively pursuing related professional certifications such as CISSP, GSEC, CISM or CISA
  • Experience providing and validating security requirements related to cloud security for private, public, and hybrid clouds
  • Experience with UNIX CLI and Scripting

Experience with the following tools:
o Nessus
o Nmap
o Metasploit
o ZAP / BurpSuite

  • Knowledge of Windows Server Configuration
  • Experience with Network Defense in depth strategies
  • Experience providing and validating security requirements related to information system design and implementation
  • Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies
  • Knowledge of OWASP top 10 and remediation of attacks against web applications. The ability to convey the risks to IT and business stakeholders
  • Familiarity with information system attack methods and vulnerabilities
  • Knowledge of Cloud Architecture
  • Experience with Risk Management

Required Soft Skills:

  • Demonstrated integrity in a professional environment
  • Ability to team well with others to facilitate and enhance the understanding & compliance to security policies
  • Ability to work effectively with customers, management, staff members, vendors, and consultants and articulate findings and recommendations
  • Strong English communication and writing skills are required
  • Strong judgment and analytical ability
  • Excellent interpersonal, communication, organizational, and project management skills
  • Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change

Indeed - 9 months ago - save job