Downey (Remote), CA US
Downey CA (Remote)
12+ Months contract
- An Information Security Specialist interprets information security policies, standards and other requirements as they relate to internal information system and coordinates the implementation of these and other information security requirements.
- The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability.
- The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.G. Penetration testing, accreditation, or risk assessment and mitigation); develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection; assess and mitigate system security threats and risks; perform security audits, evaluation, risk assessments and make strategic recommendations; and manages, supports, installs and maintains security tools and systems, and tracks security patches and incidents.
- The Information Security Specialist will possess knowledge and experience in standard methodologies used in certification and accreditation processes; extensive experience following NIST guidelines in risk assessment and management; conducting vulnerability analysis; developing mitigation plans; and performing penetration testing, password protection testing and application security testing.
- This classification must have a minimum of five (5) years of experience applying security policies, standards, testing, modification and implementation.
- At least three (3) years of that experience must be in information security analysis.
- Preferred security trainings and certifications such as ZCCA-IA, ZCCP-IA, ZCCA-PA, ZCCP-PA, CISSP, CISA, or GIAC certifications.