*Fully remote position* *Long Term Contract* *MUST HAVE CISSP Certification* A prestigious company is looking for a Cyber Risk Management Analyst. This analyst will focus on 3rd party risk assessments, malware detection/prevention, MDM, cloud security management, Api security, authentication/authorization, access control, and vulnerability exploitation. Qualifications 4+ w/Bachelors degree 2+ years of experience with a Masters degree in a relevant field of study is acceptable 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete, and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. A working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors). Understanding of systems development life cycle to lead multifunctional projects or initiatives. Knowledge of security principles, issues, techniques and implications across all existing computer platforms
26/03/2024
Project-based
*Fully remote position* *Long Term Contract* *MUST HAVE CISSP Certification* A prestigious company is looking for a Cyber Risk Management Analyst. This analyst will focus on 3rd party risk assessments, malware detection/prevention, MDM, cloud security management, Api security, authentication/authorization, access control, and vulnerability exploitation. Qualifications 4+ w/Bachelors degree 2+ years of experience with a Masters degree in a relevant field of study is acceptable 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete, and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. A working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors). Understanding of systems development life cycle to lead multifunctional projects or initiatives. Knowledge of security principles, issues, techniques and implications across all existing computer platforms
Contract - Cyber Risk Analyst Rate: Open Location: Remote Duration: 4-6 months Qualifications Bachelor's degree required; Masters preferred. 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. Third party risk assessment experience CISSP certification is a plus Responsibilities The Senior Cyber Risk Management Analyst will effectively analyze information systems and applications, assess, and evaluate cyber capabilities, and monitor and respond to security events within company environment. The role will collaborate with Technology teams and business partners to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action.
26/03/2024
Project-based
Contract - Cyber Risk Analyst Rate: Open Location: Remote Duration: 4-6 months Qualifications Bachelor's degree required; Masters preferred. 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. Third party risk assessment experience CISSP certification is a plus Responsibilities The Senior Cyber Risk Management Analyst will effectively analyze information systems and applications, assess, and evaluate cyber capabilities, and monitor and respond to security events within company environment. The role will collaborate with Technology teams and business partners to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action.
Network Risk and Compliance Analyst: Primary responsibilities will include: Develop and manage monitoring activities to ensure compliance with Information Security and Technology regulatory requirements and internal policies and standards Identify, develop and maintain key risk indicators to track and ensure compliance with established policies and standards Lead global and complex compliance remediation projects with cross-functional teams Conduct targeted reviews to identify risks, opportunities, and areas for improvement Lead development of management action plans; propose resolution options, identify responsible owners, and closure dates Proactively identify and report Information Security and Technology compliance risks Ensure risks are effectively identified, quantified, prioritized, communicated, and managed, including recommendations for risk mitigation, and identifying the root cause/key themes Effectively communicate findings and recommendations to management in detailed and organized format/process via presentations to stakeholders and senior management Manage Audit, Regulatory and Third-Part audits/risk assessments Lead development of formal responses to Audit and Regulatory inquiries or assessments. This may be comprised of documentation gathering, drafting of documents, and researching past activity and reports Centralize compliance responses/data to improve audit response time and create consistent responses across teams Interact with Auditors and Regulators as needed Develop and conduct ongoing risk and compliance training and education Role Requirements: Bachelor's degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant field Strong technical background in order to communicate effectively with Network Engineers Experience in leading projects, preferably global projects Experience with audits and/or compliance assessments/monitoring. PMI, CISSP, CISM, CISA a plus Ability to operate in a fast-paced global environment. Ability to work under pressure, meet tight deadlines and embrace change. Ability to communicate clearly to various levels of management (including executive management), across various business functions (including engineering)
25/03/2024
Full time
Network Risk and Compliance Analyst: Primary responsibilities will include: Develop and manage monitoring activities to ensure compliance with Information Security and Technology regulatory requirements and internal policies and standards Identify, develop and maintain key risk indicators to track and ensure compliance with established policies and standards Lead global and complex compliance remediation projects with cross-functional teams Conduct targeted reviews to identify risks, opportunities, and areas for improvement Lead development of management action plans; propose resolution options, identify responsible owners, and closure dates Proactively identify and report Information Security and Technology compliance risks Ensure risks are effectively identified, quantified, prioritized, communicated, and managed, including recommendations for risk mitigation, and identifying the root cause/key themes Effectively communicate findings and recommendations to management in detailed and organized format/process via presentations to stakeholders and senior management Manage Audit, Regulatory and Third-Part audits/risk assessments Lead development of formal responses to Audit and Regulatory inquiries or assessments. This may be comprised of documentation gathering, drafting of documents, and researching past activity and reports Centralize compliance responses/data to improve audit response time and create consistent responses across teams Interact with Auditors and Regulators as needed Develop and conduct ongoing risk and compliance training and education Role Requirements: Bachelor's degree in Computer Science, Cyber Security, Information Security, Information Systems Management, Information Technology Auditing or related relevant field Strong technical background in order to communicate effectively with Network Engineers Experience in leading projects, preferably global projects Experience with audits and/or compliance assessments/monitoring. PMI, CISSP, CISM, CISA a plus Ability to operate in a fast-paced global environment. Ability to work under pressure, meet tight deadlines and embrace change. Ability to communicate clearly to various levels of management (including executive management), across various business functions (including engineering)
Request Technology - Craig Johnson
Oakland, California
*We are unable to sponsor for this 6+ Month contract Remote role* Prestigious Enterprise Company is currently seeking a Third Party Cyber Risk Analyst. Candidate will effectively analyze information systems and applications, assess and evaluate cyber capabilities, and monitor and respond to security events within Delta Dental's environment. The role will collaborate with Technology teams and business partners to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action. Qualifications: 2+ years of experience with a Masters degree in a relevant field of study is acceptable 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete, and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. A working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors). Understanding of systems development life cycle to lead multifunctional projects or initiatives. Knowledge of laws, regulations, and standards relevant to the US Healthcare industry Excellent written and verbal communication skills (including technical writing, procedure creation, and documentation development). Must be able to effectively communicate security concepts to a technical audience Able to understand moderately complex written and oral instructions Ability to clearly present complex/security subjects and findings to technical staff and management Strong Exceptional technical writing skills including documentation development, process mapping, and visualization Ability to communicate technical concepts and think on the fly Ability to interact well with co-workers and outside contacts Knowledge of security principles, issues, techniques and implications across all existing computer platforms
22/03/2024
Project-based
*We are unable to sponsor for this 6+ Month contract Remote role* Prestigious Enterprise Company is currently seeking a Third Party Cyber Risk Analyst. Candidate will effectively analyze information systems and applications, assess and evaluate cyber capabilities, and monitor and respond to security events within Delta Dental's environment. The role will collaborate with Technology teams and business partners to identify threats, create strategies to better protect technology assets, and deploy technologies and processes to put those strategies into action. Qualifications: 2+ years of experience with a Masters degree in a relevant field of study is acceptable 4+ years of combined hands-on IT and security architecture development and implementation work experience with a broad exposure to infrastructure/network and multi-platform environments. 2+ years of experience in information security solution engineering or security service delivery. A complete, and working understanding of information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others. A working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors). Understanding of systems development life cycle to lead multifunctional projects or initiatives. Knowledge of laws, regulations, and standards relevant to the US Healthcare industry Excellent written and verbal communication skills (including technical writing, procedure creation, and documentation development). Must be able to effectively communicate security concepts to a technical audience Able to understand moderately complex written and oral instructions Ability to clearly present complex/security subjects and findings to technical staff and management Strong Exceptional technical writing skills including documentation development, process mapping, and visualization Ability to communicate technical concepts and think on the fly Ability to interact well with co-workers and outside contacts Knowledge of security principles, issues, techniques and implications across all existing computer platforms
CONTRACT CYBERARK Rate - C2C Open REMOTE DURATION: 6 MONTH MINIMUM Must have excellent communication skills, must have excellent documentation skills, PAM CyberArk Responsible for the implementation and management of CyberArk and other Privileged Management solutions. Has familiarity working with most CyberArk products, including but not limited to: Privileged Access Manager, Vendor Privileged Access Manager, Cloud Entitlements Manager, Endpoint Privilege Manager, Privileged Session Manager, Privileged Threat Analytics, and Privileged Cloud. Identifies and leads privileged access management improvements and projects to improve our overall security posture Manages the end-to-end CyberArk environment/application from maintenance to administration Manages all privileged credentials across a hybrid environment Works collaboratively across the business to define and create CyberArk policies, platforms, safes Responsible for utilizing KPIs and metrics to report out on CyberArk system health Actively protects the integrity and confidentiality of our information assets while enabling business functionality in all systems and environments by supporting applicable security solutions Supports departmental and corporate goals by meeting key performance indicators and defined metrics Supports and follows Change Management processes and procedures Serves as a technical escalation resource to less experienced team members Participates in and supports Compliance processes, providing leadership and support to Analysts. Recommends and implements new functionality to enhance compliance processes while ensuring compliance controls are followed and effective. Responsible for 24x7x365 on-call escalation rotational support Experience : 3+ years of hands-on experience with implementing and managing CyberArk environments 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new CyberArk environment or migration to a new environment. Experience supporting a distributed hybrid cloud/on-premises environment Understanding and experience operating within the NIST Security Framework Strong written and verbal communication skills Education/Certifications: Bachelor's degree from an accredited college or university, or equivalent experience. One or more of the following CyberArk certifications are desired but not required: Defender, Sentry, or Guardian Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP) WORK TO BE PERFORMED: Perform Privileged Access Management (PAM) Work utilizing CyberArk and Hashi Vault Support planning, designing, and executing of the PAM strategy Work on implementing Privileged Session Management solution through CyberArk Work across multiple teams and pillars to socialize and align PAM requirements to the organization Remediate and troubleshoot PAM related errors across the CyberArk and Hashi Platforms Provide operational support for PAM platforms Work on integrations with other applications and systems to provide CyberArk or Hashi support Assist in building CyberArk infrastructure Assist and help lead architecture development and creation of relevant documentation Assist with product documentation and processes for PAM team Deliverables: PAM Strategy draft Implementation of Privileged Session Management solution Process documentation and architectural documentation, as needed Provide subject matter expert level expertise and support on implementing and maintaining the CyberArk platforms. Provide Cloud Security Engineering Services Identify cloud-based security objectives for PAM program and provide SME level expertise Assist with integrating hybrid model with cloud and on-prem services Provide best practices recommendations for cloud connectivity and account management Produce detailed documentation around all aspects of cloud integration and functionality. Deliverables: Provide Cloud related documentation, guidance, and assistance. Operational Skills Assist in Tier 2/3 support of PAM platforms Provide training, documentation, and Standard Operating Procedures (SOP s) to Managed Security Services Provider (MSSP) vendor for continued development of operations support Deliverables: Provide operational support and documentation/guidance for all operational requirements
22/03/2024
Project-based
CONTRACT CYBERARK Rate - C2C Open REMOTE DURATION: 6 MONTH MINIMUM Must have excellent communication skills, must have excellent documentation skills, PAM CyberArk Responsible for the implementation and management of CyberArk and other Privileged Management solutions. Has familiarity working with most CyberArk products, including but not limited to: Privileged Access Manager, Vendor Privileged Access Manager, Cloud Entitlements Manager, Endpoint Privilege Manager, Privileged Session Manager, Privileged Threat Analytics, and Privileged Cloud. Identifies and leads privileged access management improvements and projects to improve our overall security posture Manages the end-to-end CyberArk environment/application from maintenance to administration Manages all privileged credentials across a hybrid environment Works collaboratively across the business to define and create CyberArk policies, platforms, safes Responsible for utilizing KPIs and metrics to report out on CyberArk system health Actively protects the integrity and confidentiality of our information assets while enabling business functionality in all systems and environments by supporting applicable security solutions Supports departmental and corporate goals by meeting key performance indicators and defined metrics Supports and follows Change Management processes and procedures Serves as a technical escalation resource to less experienced team members Participates in and supports Compliance processes, providing leadership and support to Analysts. Recommends and implements new functionality to enhance compliance processes while ensuring compliance controls are followed and effective. Responsible for 24x7x365 on-call escalation rotational support Experience : 3+ years of hands-on experience with implementing and managing CyberArk environments 3+ years of experience or training in Identity systems security fundamentals design, implementation and troubleshooting across all computer/server platforms. Experience in designing and standing up a new CyberArk environment or migration to a new environment. Experience supporting a distributed hybrid cloud/on-premises environment Understanding and experience operating within the NIST Security Framework Strong written and verbal communication skills Education/Certifications: Bachelor's degree from an accredited college or university, or equivalent experience. One or more of the following CyberArk certifications are desired but not required: Defender, Sentry, or Guardian Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP) WORK TO BE PERFORMED: Perform Privileged Access Management (PAM) Work utilizing CyberArk and Hashi Vault Support planning, designing, and executing of the PAM strategy Work on implementing Privileged Session Management solution through CyberArk Work across multiple teams and pillars to socialize and align PAM requirements to the organization Remediate and troubleshoot PAM related errors across the CyberArk and Hashi Platforms Provide operational support for PAM platforms Work on integrations with other applications and systems to provide CyberArk or Hashi support Assist in building CyberArk infrastructure Assist and help lead architecture development and creation of relevant documentation Assist with product documentation and processes for PAM team Deliverables: PAM Strategy draft Implementation of Privileged Session Management solution Process documentation and architectural documentation, as needed Provide subject matter expert level expertise and support on implementing and maintaining the CyberArk platforms. Provide Cloud Security Engineering Services Identify cloud-based security objectives for PAM program and provide SME level expertise Assist with integrating hybrid model with cloud and on-prem services Provide best practices recommendations for cloud connectivity and account management Produce detailed documentation around all aspects of cloud integration and functionality. Deliverables: Provide Cloud related documentation, guidance, and assistance. Operational Skills Assist in Tier 2/3 support of PAM platforms Provide training, documentation, and Standard Operating Procedures (SOP s) to Managed Security Services Provider (MSSP) vendor for continued development of operations support Deliverables: Provide operational support and documentation/guidance for all operational requirements
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this Remote contract role* Prestigious Enterprise Company is currently seeking a Senior CyberArk Engineer. Candidate will be responsible for the implementation and management of CyberArk and other Privileged Management solutions. Candidate will have familiarity working with most CyberArk products, including but not limited to: Privileged Access Manager, Vendor Privileged Access Manager, Cloud Entitlements Manager, Endpoint Privilege Manager, Privileged Session Manager, Privileged Threat Analytics, and Privileged Cloud. Responsibilities: Identifies and leads privileged access management improvements and projects to improve our overall security posture Manages the end-to-end CyberArk environment/application from maintenance to administration Manages all privileged credentials across a hybrid environment Works collaboratively across the business to define and create CyberArk policies, platforms, safes Responsible for utilizing KPI's and metrics to report out on CyberArk system health Actively protects the integrity and confidentiality of our information assets while enabling business functionality in all systems and environments by supporting applicable security solutions Supports departmental and corporate goals by meeting key performance indicators and defined metrics Supports and follows Change Management processes and procedures Serves as a technical escalation resource to less experienced team members Participates in and supports Compliance processes, providing leadership and support to Analysts. Recommends and implements new functionality to enhance compliance processes while ensuring compliance controls are followed and effective. Responsible for 24x7x365 on-call escalation rotational support Qualifications: Deep understanding of CyberArk and its components Prior utilization of representational state transfer application programming interface (REST API) Experience with PAM related architecture and best practices Strong understanding of Cloud Service Providers and relevant experience with integration and configuration of PAM platforms into the cloud Operational experience helping manage CyberArk and Hashi Vault infrastructure Knowledge or usage of Terraform/Hashicorp Configuration language (HCL) Strong understanding of modern deployment technologies including CICD, Terraform, Ansible, and Docker Proficiency in cryptography. Experience with Windows, Unix, Cisco, platforms, and controls. 3-5+ Years' direct experience with CyberArk or Hashi at an Engineering level 5+ Years' experience in PAM management and platforms PAM related certifications (CyberArk Defender OR Sentry/Hashi Administrator)
04/03/2024
Project-based
*We are unable to sponsor for this Remote contract role* Prestigious Enterprise Company is currently seeking a Senior CyberArk Engineer. Candidate will be responsible for the implementation and management of CyberArk and other Privileged Management solutions. Candidate will have familiarity working with most CyberArk products, including but not limited to: Privileged Access Manager, Vendor Privileged Access Manager, Cloud Entitlements Manager, Endpoint Privilege Manager, Privileged Session Manager, Privileged Threat Analytics, and Privileged Cloud. Responsibilities: Identifies and leads privileged access management improvements and projects to improve our overall security posture Manages the end-to-end CyberArk environment/application from maintenance to administration Manages all privileged credentials across a hybrid environment Works collaboratively across the business to define and create CyberArk policies, platforms, safes Responsible for utilizing KPI's and metrics to report out on CyberArk system health Actively protects the integrity and confidentiality of our information assets while enabling business functionality in all systems and environments by supporting applicable security solutions Supports departmental and corporate goals by meeting key performance indicators and defined metrics Supports and follows Change Management processes and procedures Serves as a technical escalation resource to less experienced team members Participates in and supports Compliance processes, providing leadership and support to Analysts. Recommends and implements new functionality to enhance compliance processes while ensuring compliance controls are followed and effective. Responsible for 24x7x365 on-call escalation rotational support Qualifications: Deep understanding of CyberArk and its components Prior utilization of representational state transfer application programming interface (REST API) Experience with PAM related architecture and best practices Strong understanding of Cloud Service Providers and relevant experience with integration and configuration of PAM platforms into the cloud Operational experience helping manage CyberArk and Hashi Vault infrastructure Knowledge or usage of Terraform/Hashicorp Configuration language (HCL) Strong understanding of modern deployment technologies including CICD, Terraform, Ansible, and Docker Proficiency in cryptography. Experience with Windows, Unix, Cisco, platforms, and controls. 3-5+ Years' direct experience with CyberArk or Hashi at an Engineering level 5+ Years' experience in PAM management and platforms PAM related certifications (CyberArk Defender OR Sentry/Hashi Administrator)