Security Consultant

Minimum of 60 months of experience working for large IT organizations_ 

Minimum of 60 months of experience working in cyber security_ Security+, CEH, or SSCP certification. Must provide copy of certification._ 

Minimum of 24 months of experience developing and updating SSDLCs (Secure System Development Life Cycle) plans._ CAP, CISSP, CISM, CRISC, or GSEC certification. 

Must provide copy of certification._ 

Microsoft, Comptia, or other certification in Operating Systems, servers, Networking, SCADA security, or computer hardware or any GIAC Certification except GSEC, CEH Must provide copy of certification. 

Must provide copy of certification.

Minimum of 12 months of experience with virtualization, AV, Sharepoint, digital forensics, penetration testing, and/or networking

Minimum of 24 months of experience monitoring, analyzing, and responding to routine and critical logs and events _ Minimum of 12 months of experience using an industry recognized vulnerability scanning tool

Minimum of 12 months of experience using McAfee(or a competitive product) AV, EPO, encryption_ Augment ISO staff to perform day to day operations and short / long term Information Security projects.

Perform routine security audits.

Respond to Multi State Sharing and Security Center (MS-ISAC) and NYS Cyber Command Center critical event notifications.

Monitoring and analysis of logs/events_ 

Identify trends and formulate actions for mitigation of threats.

Conduct/manage vulnerability scanning.

Advise on and implement best practices in support of NIST 800-53 and CIS Critical Security Controls compliance._ Draft new/update existing Information Security policies and procedures_ Conduct Audits of user accounts, computers, and network configurations_ Conduct ad hoc ad hoc investigations,_ Have an understanding of computer and cell phone forensics. _ Review new processes, technologies, and system designs._ Review vulnerability bulletins and patch releases. _ Conduct or monitor penetration testing according to procedure._ Assist in the creation and execution of the organizational information security awareness program._ Coordinate with and provide security guidance to internal departments and outside agencies_ Assist in the creation and annual review of the required SSDLC (Secure System Development Life Cycles) documentation to support the Public Safety Clusters security program

Perform other related duties as directed by the Information Security Officer or senior leadership.

 Audit Active Directory, Windows Servers, CITRIX Xen, Xen App, and Xen Server._ Backup / Recovery Planning and review_ IDS/IPS (Intrusion Detection Systems/Intrusion Prevention Systems) monitoring_ Analyze/monitor ISA proxy services