Security Consultant – Colombia
Job Issue Date:
Job Start Date:
This position involves knowledge and management of all aspects of security – physical & logical along with security analytics related to internal landscape and 3rd party suppliers. Responsibilities will include on-site support as a Corporate Security representative at one or more vendor locations. Recent security breaches are increasing the need for advanced analytics framework to support the detection of malicious patterns, anomalies, and changes in behavior rather than relying on signature-based detection. Must be able to work in a fast paced environment both autonomously and as a team. Ability to communicate complex quantitative analysis in a clear and precise manner to both technical and non-technical audiences.
• Ensures the implementation and operation of the appropriate security controls across the organization are aligned with contracts, corporate security policies, standards, and applicable regulations.
• Participates in security reviews and finding remediation from internal and external organizations on behalf of Corporate Security.
• Assess application and infrastructure vulnerabilities identified in security scans, prioritize based on security risk, and drives remediation with internal and 3rd party teams. In doing so he/she needs to be conversant with industry best practices and current threat landscape as well as having strong presentation and negotiation skills.
• Has mastery of a broad level of technical skills, and is up to speed with threat vectors and current threat landscape.
• Requires a range of skills within a technical or professional discipline including familiarity with principles, theories, concepts and technologies to work on generally complex operational or technical activities and an applied knowledge of established procedures, policies and practices.
• Must have at least 3 years experience in cyber/information Security or an Information Assurance role, with at least 5 years overall in a technology role
• Must have at least 2 years of experience in a security verification & validation or audit role. – Knowledge of a broad array of security solutions to address many complex control scenarios
• Network and/or Systems support background – Able to understand how a network is setup and how is should be secured from internal and external threats. Able to read and understand a network architecture diagram.
• Operational: Strong experience in task / project management – Experience in global operations, offshoring, outsourcing
• Experience in dealing with varying levels of user groups, senior executives and technical personnel and ability to effectively work with and communicate with all
• Quick and effective analytical skills to identify security risks and/or gaps in security controls – Global outsourcing knowledge and expertise in associated risks
• Should have at least 1 year of experience in physical security reviews
• Bachelor's degree in CS, IA or similar or equivalent work experience
• Training/background attending security conferences, SANS certifications, chairing of forums, writing of security/technical books and/or similar web content highly desirable
• Technology or Operations auditor experience – Active Security+, CISSP, CISA, CISM, CFE, or CEH Certification
• Excellent communication skills including the ability to adjust presentation style to the needs of the audience and based on the intended objective as well as to negotiate to effective solutions.
• Ability to effectively communicate in English.
• Responsible for the operations and administration of the organization's information security activities including systems and data security, disaster recovery, and archiving.
• Responsibilities include developing, implementing, and communicating information security standards, policies, procedures, and tests.
• Provides technical and/or analytical support to solve a wide range of complex issues/problems. Periodically makes recommendations that aid in the successful completion of projects within a product or functional area; works with limited supervision; typically reports to Supervisor or on occasion Manager
• Conduct security verification & validation reviews to ensure the ongoing protection of assets and sensitive customer information – Perform phone, online, onsite, security logs and audio/video recordings analysis security verification & validation reviews to identify security risk and non-compliance areas
• Work with peers, international counterparts, management and Legal to identify areas of risk relative to Global projects and operations, and provide recommendations for controls to the same – Create security reports outlining identified "actual " security risk areas and non-compliance with strategic recommendations to management where appropriate
• Manage, coordinate and track mitigations to ensure appropriate progress within recommended time frame
Provide management periodic updates – As requested by Supervisor, give occasional presentations to senior management and/or Legal on varying topics of Security interest
• Other tasks as requested by management