Experienced in performing security business application and infrastructure compliance reviews, risk analysis, forensics, and penetration testing.
Actively monitor systems and networks for potential intrusions
Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans
Manage remediation plans toward closure
Define security standards & incident response plans to detect, respond and recover from security incidents using a risk-based methodology
Develop and document security policies and procedures, training, and awareness
Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services
Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance.
Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response
Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives
Must be self-directed, able to manage individual projects or act as part of a larger team.