Information Security Specialist


Rochester, NY

Industry: Technology


Less than 5 years

Posted 27 days ago

  by    Kirk Merritt

Come work with WNY leading managed services company. Excellent room for growth potential and the chance to work with some of WNY brightest security experts.

Job Description

The Information Security Specialist is a client-focused position that works with our customers to develop a comprehensive security program. Security Consultants will leverage security tools to detect and preventcyberthreats to our customers. Additionally, responsibilities include planning, implementing, and monitoring security controls.

The Security Consultant will be part of a select group of industry recognized experts and work on unique security solutions associated with next-generation technologies and emerging securitythreats. Ongoing training and professional certifications are part of the job requirements.

Skills Sets Required


  • Experience in analyzing and creating remediation strategies for vulnerability management programs, securityarchitecture reviews, penetration testing, web application security reviews, and wireless security assessments.
  • Experience analyzing and creating firewall policy rules.
  • Experience developing security analysis documentation and recommended remediation actions. Experience analyzing network topologies, securityarchitectures, security solutions, tools, and IT Policies and standards to find gaps between in-place programs and industry best practices.
  • Deep understanding of networking protocols including (e.g., TCP/IP, SNMP, DNS).
  • Knowledge of Authentication and Authorization mechanisms, Identity Access Management, user provisioning best practices.
  • Proficiency in using various security tools, but not limited to, Nessus, Metasploit, Nipper, Kali, etc.
  • Familiarity with industry standards such as PCI DSS, HIPAA\HiTech\HiTrust, DFARS, NIST SP-800 series, CIS 20 Critical Controls, OWASP.
  • Knowledge of the Eight Information Security domains in ISC2 CBK.
  • 2-4 years of experience within an Information Security department or organization.




  • Proven collaborator.
  • Takes ownership of the project, tasks and client deliverable.
  • Ability to prioritize effectively and handle shifting priorities professionally.
  • Exemplary written and verbal communication skills.
  • Produce and review reports to support project deliverables.
  • Analyze technical results from security assessment and monitoring systems.
  • Create clearly stated remediation recommendations based on industry best practice.
  • Successfully interface with clients (internal and external).
  • Document and explain technical details in a concise, clear manner.
  • Provide training, perform public speaking and be comfortable in front of an audience.
  • Manage personal schedule, projects tasks, and team deliverables.
  • Participate in pre-sales calls and write Consulting proposals and statements of work.
  • Assist the Sales team in presenting proposals and closing sales opportunities.
  • Provide weekly time accounting and monthly expense reports.


Education and Certification


  • BS Computer Science/Engineering or significant demonstrable experience in networksecurity.
  • Certifications such as CISSP, CCSP, CISM, CISA, GSEC, GIAC, and CEH are desirable but not required.