Security Consultant

Minimum of 60 months of experience working for large IT organizations

Minimum of 60 months of experience working in cyber security

Security+, CEH, or SSCP certification. Must provide copy of certification.

Minimum of 24 months of experience developing and updating SSDLCs (Secure System Development Life Cycle) plans.CAP, CISSP, CISM, CRISC, or GSEC certification. Must provide copy of certification.Microsoft, Comptia, or other certification in Operating Systems, servers, Networking, SCADA security, or computer hardware or any GIAC Certification except GSEC, CEH Must provide copy of certification. 

Must provide copy of certification.

Minimum of 12 months of experience with virtualization, AV, Sharepoint, digital forensics, penetration testing, and/or networking

Minimum of 24 months of experience monitoring, analyzing, and responding to routine and critical logs and events 

Minimum of 12 months of experience using an industry recognized vulnerability scanning tool

Minimum of 12 months of experience using McAfee(or a competitive product) AV, EPO, encryptionAugment ISO staff to perform day to day operations and short / long term Information Security projects.Perform routine security audits.

Respond to Multi State Sharing and Security Center (MS-ISAC) and NYS Cyber Command Center critical event notifications.Monitoring and analysis of logs/eventsIdentify trends and formulate actions for mitigation of threats.Conduct/manage vulnerability scanningAdvise on and implement best practices in support of NIST 800-53 and CIS Critical Security Controls compliance.

Draft new/update existing Information Security policies and proceduresConduct Audits of user accounts, computers, and network configurations

Conduct ad hoc ad hoc investigations,Have an understanding of computer and cell phone forensics. 

Review new processes, technologies, and system designs.

Review vulnerability bulletins and patch releases. Conduct or monitor penetration testing according to procedure.

Assist in the creation and execution of the organizational information security awareness program.Coordinate with and provide security guidance to internal departments and outside agenciesAssist in the creation and annual review of the required SSDLC (Secure System Development Life Cycles) documentation to support the Public Safety Clusters security programPerform other related duties as directed by the Information Security Officer or senior leadership.Audit Active Directory, Windows Servers, CITRIX Xen, Xen App, and Xen Server.

Backup / Recovery Planning and reviewIDS/IPS (Intrusion Detection Systems/Intrusion Prevention Systems) monitoringAnalyze/monitor ISA proxy services