Apply for this job now

Information Security Specialist - Information Technology (Multiple Locations)

Location
Raleigh, North Carolina
Job Type
Permanent
Posted
21 Jul 2022
Description

The Information Security program protects Burns & McDonnell data, systems, and employees from evolving cyber threats and provides cybersecurity governance for the company. Burns & McDonnell is rapidly transitioning to cloud infrastructure, applications, and services. Information Security needs a Staff Information Security Specialist focusing on cloud security. The Information Security Specialist provides cybersecurity subject matter expertise and performs Information Security functions of protecting the company.
  • Conduct security risk assessments of cloud-based applications and services currently used, or may be potentially used, by the company, rank security risks, and articulate risk in terms of business impact.
  • Collaborate with the business on cloud-based applications and services evaluated with high risk to propose alternate solutions, compensating controls, or risk reduction strategies.
  • Collaborate with individual employees using overly permissive cloud-based applications to mitigate the risk of company data exposure.
  • Analyze Burns & McDonnell cloud infrastructure environments for cybersecurity risks and provide mitigation recommendations to relevant IT architecture, engineering, and operational teams.
  • Perform security verification of configuration and settings for Burns & McDonnell cloud infrastructure environments and Software as a Service (SaaS) solutions.
  • Provide advice and guidance in implementing Information Security policies, standards, and requirements applicable to cloud security.
  • Conduct exercises to validate the effectiveness of cloud-related cybersecurity controls.
  • Provide oversight to remediate cloud-related security findings identified through internal audits, external audits, penetration testing or vulnerability scanning.
  • Identify and recommend improvements to the company cybersecurity capabilities.
  • Lead assigned Information Security initiatives and projects
  • Assist with responding to cyber threats associated with cloud infrastructure, applications, and services.
  • All other duties as assigned
Qualifications
  • Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology, or related field. Applicable years of experience may be substituted for the degree requirement.
  • Minimum 8 years of experience (4 years in information Security preferred).
  • Information security certification preferred.
  • Highly effective oral and written communication skills with ability to convey security concepts and risks to non-technical personnel
  • Demonstrated knowledge of securing cloud environments and applying cloud security controls
  • Demonstrated knowledge of cloud architectures (preferably Azure and AWS), integration of SaaS solutions, and cloud-based applications
  • Demonstrated knowledge of security risk analysis and assessments
  • Demonstrated knowledge of applying security testing methods
  • Demonstrated knowledge of MITRE ATT&CK framework and emerging cybersecurity threats
  • Demonstrated knowledge of investigating cloud-related threats and applying computer forensics principles
  • Demonstrated knowledge of applying network operations and protocols
  • Demonstrated knowledge of one or more programming/scripting language (preferably in PowerShell)
  • Demonstrated knowledge of security policies and standards
EEO/Minorities/Females/Disabled/Veterans

Job Security

Primary Location US-MO-Kansas City

Other Locations US-AZ-Phoenix, US-TX-Houston, US-NC-Raleigh, US-FL-Orlando, US-CT-Wallingford, US-CA-Brea, US-VA-Norfolk, US-GA-Atlanta, US-MN-Minneapolis/St Paul, US-IL-Chicago, US-PA-Conshohocken, US-SC-Greenville

Schedule: Full-time

Travel: No

Req ID: 221546

Apply for this job now

Details

  • Job Reference: 664003649-2
  • Date Posted: 21 July 2022
  • Recruiter: Burns & McDonnell
  • Location: Raleigh, North Carolina
  • Salary: On Application
  • Sector: I.T. & Communications
  • Job Type: Permanent