Information Security Consultant

TEAM: INFORMATION TECHNOLOGYPAY TYPE: SALARYJOB OVERVIEW:At NCCI were looking for an Information Security Consultant to join our team in leading the design implementation and integration of advanced security operations solutions including but not limited to Identity and Access Management Threat Management (Vulnerability Management SIEM and Incident Response) Cloud Security across major platforms (OCI Azure and AWS) and Network this role youll also provide technical security guidance to the Software Engineering and Infrastructure and support the Information Security Engineer and Architects in strategic planning new tool selection and process LOCATION:This position will work in a flexible-hybrid environment. The selected candidate must live locally within a commutable distance to our Boca Raton FL : NCCI will not sponsor applicants for work YOULL DO: Partner with various IT teams to create and maintain applicable security standards primarily for cloud environments such as Azure AWS and OCI; and participate in other security disciplines such as IAM vulnerability management and IT systems (Networks Windows Linux Database Endpoint) SecurityMaintain and implement incident handling plans as they relate to cloud incident response; participate in incident response activities and plan coordinate and perform security testing exercises such as pen testing and tabletop exercises including cloud-based scenariosDevelop strategies to improve efficiencies using automation and orchestration solutions (ie: infrastructure-as-code and cloud security automation) to reduce manual work that can be done programmaticallyLead the creation and maintenance of documentation related to NCCIs security framework program and standards where applicable to role including cloud security architecture and control mappingsWHAT IT TAKES: Bachelors Degree6 years experience in an intermediate-level Information Security role with proven expertise in multiple aspects of security and IT operations including securing cloud or hybrid environmentsIn lieu of the degree additional work experience and/or trade school or applicable certifications would be acceptableCertification in at least one of the following: CISSP SANS GIAC CEH or vendor specific certifications related to security disciplines such as cloud (ie: AWS Azure or OCI security certifications)Advanced knowledge of:Information Security concepts principles and practicesCloud security across multiple disciplines including IAM Workload Security and Cloud Security Posture overallSecurity aspects for multiple operating systems networking technologies encryption technologies and applicationsNetwork security technologies such as Firewalls VPN IDS/IPS and Access Management including Role Design Campaign Design Source System Integration and cloud IAM servicesContinuous monitoring principles including threat management SIEM File and Database Activity Monitoring and Incident Response in both on-prem and cloud environmentsMultiple security domains inclusive of security management access control systems and methodology network security cryptography operations security application and system development security threat management and incident responseSecurity control frameworks standards governance and security best practices as applied to cloud and hybrid architecturesIntermediate knowledge of:Secure Coding principlesScripting experience and programming language such as PERL or scripting used for cloud automation (e.g. Python PowerShell)Proven ability to:Work independently with guidance in only the most complex situationsBe agile in learning seek to excel be curious and adaptableAct as lead in managing security related projects and investigations including cloud security initiativesMaintain a high level of professionalism and confidentialityWork well under pressureSolve complex problems analyze information identify and assess risks and make tactical and strategic recommendationsExcellent organizational planning written and verbal communication skillsStrong client-facing skills with ability to handle and lead conversations with large technically diverse teamsOrganized responsive and highly thorough problem solverExperience driving measurable improvement in security operations and risk reduction within the organization including cloud risk reductionExcellent time management skills to aid in meeting specific goals and plans to prioritize organize and accomplishAbility to be on-call and work outside of regular business hours as neededAn additional requirement for this role is the successful passing of a credit check review for the selected candidatePREFERRED SKILLS AND EXPERIENCES: Additional advanced information security related certifications from SANS GIAC (Global Information Assurance Certification); ISACA ISC2 -on experience securing cloud environments such as OCI Azure and/or AWS including logging monitoring IAM workload security cloud security posture and cloud network securityWHAT YOULL RECEIVE: Work for the leader in workers compensation information providing data insights and tools for almost 1000 insurance companiesCompetitive starting base pay plus a targeted annual performance bonusFor local candidates: a phenomenal work environment with perks including an onsite café coffee shop game room fitness center and employee activities and sports leagues to participate inWonderful team of dynamic people to work with who are fun caring and friendlyPositive work environment and culture that celebrates success and honors each others contributions to the teamFantastic benefits package and total rewards offeringsWHO TO CONTACT: Zach WierzbaSr Talent Acquisition