Cyber Security Consultant SC DV Contract
Cyber Security Consultant SC DV
Experienced Security Consultant required for long term Contract, you will be ready to quickly get to work in an Agile team of platform engineers and developers and technical architects. Confident in leading on the entrenching of security in cloud based, microservices architecture that is automated where appropriate. Able to conduct Pen Tests and vulnerability assessments.
A pragmatic consultant, you will ensure services are kept in line with security and architecture standards.
Main responsibilities include:
- Ensuring that deployed code is secure and assured and that Cloud infrastructure complies with security architecture and policies
- Conducting or ensuring internal security testing for each Agile sprint/release. Vulnerability management
- Leading/conducting code & configuration security reviews
- Leading/implementing remediation activity
- Liaison with the client Information Assurance team to provide the required security assurances for code releases
- Operational security support
- Porting security (protective monitoring) log feeds to the CSOC/SEIM
- Acting as SME for DevOps security
- Provisioning, administering and reviewing Developer user access & privileges
Essential skills and experience
- Current SC or DV Clearance with experience of working in GDS Service Manual and Service Standards environments, designing mission critical services
- 10+ years hands-on security experience, with a focus on endpoint, network devices, and applications
- Incident Response analysis and investigations.
- Ethical Hacker experience
- Strong stakeholder management with the ability to communicate complex technical updates to different audiences
- Evidence of supporting enablement of in-house development capabilities, engaging with staff and creating an environment of knowledge sharing
- Recognised security qualification (eg Crest, AWS Security, CCSP etc.)
Essential technical knowledge (5 years +)
- Experience with vulnerability management tools eg Nessus, Qualys.
- Experience with SIEM tools, eg AlienVault, Splunk ES, ELK/Logstash
- Experience with security testing tools eg BurpSuite, ZAP
- Understanding of secure coding development practice, eg OWASP Top Ten
- Working knowledge of Linux/Unix
- Knowledge of networking protocols and technologies, eg TCP/IP, Switching & Routing
- Programming and Scripting skills, Python, JAVA
- General knowledge of endpoint security, malware analysis, BYOD
This job was originally posted as www.jobsite.co.uk/job/959361633