Information Security Manager

Job Description

Job Description

Job Title: Information Security Manager Pay rate: $ 68.89 an hour Benefits: 401(k), Medical, Dental, and Vision Coverage Location: Santa Clara, CA (3 days Onsite in Mandatory (Hybrid) Contract Duration: 7 months (possibility of being

permanent/extension) Working Hours: 8-5 M-F PST

Position Overview: Work with one of the Company's prized clients in the heart of Silicon Valley by ensuring security for critical infrastructure.

We are looking for a talented hands-on security professional who has deep technical knowledge and also likes contributing to the strategic direction.

In this role, you will get to work with the full array of security solutions as well as support the security provisions throughout the environment’s infrastructure – networks, servers, desktops, and applications.

You will also contribute toward strategic planning based on risk assessments and analysis.

Qualifications: Bachelor's degree or higher in CS, CIS, MIS or equivalent

Security Certification(s), such as CISSP, CISM, CGEIT, GSEC, CEH, MCSE: Security, and CCNP-Security certification

5-10 years of hands-on security administration or engineering experience

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

US CITIZENSHIP REQUIRED.

Skills: Client engagement soft skills are required

The ability to present and explain security and risk information for business executives to understand

The ability to lead people of various levels and technical expertise

The ability to prioritize and persuade in order to move the security program forward amongst competing initiatives

Experienced with security solutions (e.g. firewall, VPN, SIEM, IPS, URL filtering, Endpoint protection, MFA, NAC)

Strong understanding of NIST 800-53 & CSF, risk assessment and incident response standards

Strong understanding of Microsoft Active Directory, GPOs, Windows DACL/SACL, and Linux

Strong understanding of protocols, such as IPsec, ESP, GRE, SSL/TLS, 802.1x, RADIUS/TACACS, HSRP, GSLB, and WCCP

Ability to perform and analyze packet captures

Ability to analyze suspicious emails, URLs, and files to ascertain if they are malicious

Knowledge of hacking techniques, vulnerability disclosures, and security analysis techniques

Knowledge of malware families, botnets, threats by sector, attack campaigns, and attack methods

Scripting language such as PowerShell or PERL

Familiarity with incident tracking, change management, and project tracking systems like ServiceNow and Jira.

Responsibilities: Ownership of day-to-day security events, performing incident response using NIST SP 800-61 standards, and determining root causes

Create and lead security initiatives that reduce risk as well as automate detection and protection mechanisms

Manage and update the cybersecurity plan in order to identify needs and implement comprehensive security controls using multi-layered security and defense-in-depth

Be knowledgeable of customer information security policies, standards, and procedures, as well as the infrastructure equipment, versions, and configurations.

Collaborate with all operations teams to ensure security controls and configurations are implemented and incorporated into their ongoing operations

Server security through vulnerability management, system patching, and secure configuration

Network security through segmentation firewall zoning and ACL policies, as well as secure configurations in firewalls, routers, switches, VPNs, and load balancers

Endpoint security management to prevent malware and insider threats

Email security through Spam filtering and use of SPF & DMARC

Application security based on OWASP Top 10

Monitor SIEM, IPS, event logs, and reports for indicators of attack and indicators of compromise

Proactive client involvement in solving client challenges and business opportunities

Contribute quarterly security advisories for the Security Awareness Program

Keep security plans and documentation updated, such as the disaster recovery plans and security policies, and create internal operating procedures to support and enforce customer policies and procedures in order to ensure the availability, integrity, and confidentiality of customer assets and data

Continuously mature the GRC program

Governance: Collaborate with client stakeholders and steering committees to ensure plans and identified solutions meet business needs and expectations.

Risk: Working with stakeholders to perform risk management and ongoing assessments, and then selecting mitigating and corrective controls based on Pareto analysis

Risk: Reviewing SOWs and RFP responses to assess risks

Risk: Collect, analyze, and validate open-source intelligence

Compliance: Ensure regulatory compliance with PCI-DSS, CJIS, and the California Consumer Privacy Act of 2018 (AB-375)

Communicate with the Company team on a regular basis to provide timely and informative reports and related analysis and recommendations to maintain and improve service delivery

Provide up-to-date information to clients in response to specific inquiries and meet all commitments ahead of due dates

Monthly presentations to executives on the current state of risks, the status of security controls, and remediation timelines

Monthly reports on security operations that provide current states of security controls

Company Description Overview

TechLink Systems is a national provider of staffing services with offices all over the USA as well as development and support centers globally. We are a MBE (NMSDC), WBE (WBENC), and WOSB certified minority business that has been awarded 2017 TAPFIN Premier Partner, 2016 Manpower Excellence Award, 2016 TAPFIN Elite Partner, are a Known Tier Supplier for Agile 1, and have been ranked as a Top Women and Minority Owned Company since 2004 by several businesses including Philadelphia Business Journal, Diversity Business, Inc 5000, Inc 500, San Francisco Business Times, Diversity2000, and Los Angeles Business Journal.

We serve the contract staffing, direct hire, staff augmentation, recruitment, HR management, and project outsourcing needs of clients nationwide. Striving to create personal relationships with clients, TechLink Systems becomes a virtual extension of clients’ own in-house capabilities to help achieve new levels of growth, productivity, and competitiveness.

We also have national recruiting centers that service our enterprise and MSP/VMS clients. We are a Secret Cleared Facility and our core competencies are Information Technology, Engineering, Customer Service/Call Center, Admin/Clerical,

Finance/Accounting,

Scientific/Clinical,

Sales/Marketing, Legal, Human Resources, Light Industrial (limited), and Professional across a range of industries.

The company’s talented Recruiters and HR Specialists have backgrounds in many cutting-edge, high-performance industries making TechLink Systems an ideal partner for recruitment process outsourcing.

We look forward to our partnership with you

Company Description

Overview\r\rTechLink Systems is a national provider of staffing services with offices all over the USA as well as development and support centers globally. We are a MBE (NMSDC), WBE (WBENC), and WOSB certified minority business that has been awarded 2017 TAPFIN Premier Partner, 2016 Manpower Excellence Award, 2016 TAPFIN Elite Partner, are a Known Tier Supplier for Agile 1, and have been ranked as a Top Women and Minority Owned Company since 2004 by several businesses including Philadelphia Business Journal, Diversity Business, Inc 5000, Inc 500, San Francisco Business Times, Diversity2000, and Los Angeles Business Journal. \r\rWe serve the contract staffing, direct hire, staff augmentation, recruitment, HR management, and project outsourcing needs of clients nationwide. Striving to create personal relationships with clients, TechLink Systems becomes a virtual extension of clients’ own in-house capabilities to help achieve new levels of growth, productivity, and competitiveness. \r\rWe also have national recruiting centers that service our enterprise and MSP/VMS clients. We are a Secret Cleared Facility and our core competencies are Information Technology, Engineering, Customer Service/Call Center, Admin/Clerical, Finance/Accounting, Scientific/Clinical, Sales/Marketing, Legal, Human Resources, Light Industrial (limited), and Professional across a range of industries. \r\rThe company’s talented Recruiters and HR Specialists have backgrounds in many cutting-edge, high-performance industries making TechLink Systems an ideal partner for recruitment process outsourcing.

\r\rWe look forward to our partnership with you #J-18808-Ljbffr