Must sit in Charlotte, NC, but will be remote!
Position : Information Security Engineer
Duration : FTE
Compensation : 90-100k with 7.5% bonus
Location : REMOTE but must sit in Charlotte, NC
Summary :
The Information Security Engineer will conduct vulnerability assessments, threat hunting activities, and evaluate deviations from security configurations or policies. The team member also develops and / or recommends appropriate mitigation countermeasures in operational and non-operational situations.
Essential Functions :
Expertise in Information Security Programs
- Conduct Vulnerability Assessments
- Company Security Policy and Procedure Upkeep
- Risk Assessments
- Threat Hunting
- Security Awareness Training
- Operational Security Oversight
Desired Qualifications :
Degree in Computer Science or related work experience2 years in direct related work experiencePassion and visionStrong communication and presentation skillsDesired Experience :
Intermediate knowledge of risk management processesIntermediate knowledge of information security regulationsIntermediate knowledge of information technology (IT) supply chain security / risk management policies, requirements, and procedures.Experience in Payment Card Industry, Data Security Standards (PCI-DSS), Graham Leach Bliley (GLBA), Healthcare Insurance Portability and Accounting and Accounting Act (HIPAA), Sarbanes-Oxley (SOX)Demonstrated real world experience performing grey and black box penetration testing as well as cyber threat emulation services (opposing force)Have an understanding of common Web Application vulnerabilities like XSS, CSRF, and others.Must be proficient in several of the following tools : PowerShell, Metasploit Framework / Pro, Nexpose, Burp, and the Social Engineering ToolkitMust have solid working experience and knowledge of Windows and Unix / Linux operating system, mobile platforms a plusFirm understanding of networks, systems and data center architecture[Certified Ethical Hacker (CEH)] and [Licensed Penetration Tester (LPT), GIAC Penetration Tester (GPEN), Certified Penetration Tester (CPT)] OSCP or equivalent desired