Infrastructure & Application Vulnerability Management Consultant
?We are looking for Infrastructure & Application Vulnerability Management Consultant for our client in Indianapolis, IN
Job Title: Infrastructure & Application Vulnerability Management Consultant
Job Location: Indianapolis, IN
Job Type: Contract ? 12 Months / Contract to Hire / Direct Hire
- The Vulnerability Risk Management Consultant is responsible for managing all aspects of the Vulnerability Risk Management Program including vulnerability identification, analysis, remediation coordination and reporting.
- Required Skills & Experience:
- Comprehensive knowledge of Vulnerability Management identification, analysis, metrics and reporting tools as well as processes enabling proper governance, risk and compliance.
- Working knowledge of ITIL and experienceworking with IT services.
- Strong written and oral communication skills.
- 5+ years of Advanced experience with:
- Data analysis and problem resolution. Must be able to integrate and correlate large
- amounts of data to identify complex patterns and trends.
- Applying good risk?based judgment to complex problems.
- Evaluation of threats and risk to business operations resulting in security solutions that appropriately balance cost and risk mitigation.
- IT infrastructure solutions such as Networking & Telecommunications, System Administration (Windows, Linux, UNIX, Mac OS X, iOS), Databases (Oracle, SQL Server, MySQL), Web servers (Apache, MS IIS), Web Applications (.Net, Java, Cold Fusion, PHP, Node.js, Ruby on Rails) and authentication/access control technologies (MS Active Directory, LDAP).
- Experience in assessing the risk of a proposed solution, escalating appropriately and driving to closure.
- Ability to think analytically and to understand and communicate quantitative information.
- Some or all of the following certifications are preferred but not mandatory:
- Certified Information System Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Ethical Hacker (CEH)
- Certified Security Essentials (GSEC)
- Certified Enterprise Defender (GCED)
- Certified WindowsSecurity Administrator (GCWN)
- Certified UNIX Security Administrator (GCUX)
- Certified Penetration Tester (GPEN)
- Certified Web Application Penetration Tester (GWAPT)
- Certified Exploit Researcher & Advanced Penetration Tester (GXPN)
- Certified Incident Handler (GCIH)