The Cyber Security Technical Consultant will deliver security technical consulting to internal organizations and Information Technology Services (ITS).
The Cyber Security Technical Consultant will evaluate needs of key stakeholders to find solutions to challenging situations. Primary areas of expertise are IT infrastructure, Mergers & Acquisitions, Emerging Technologies (Cloud, BYOD) and information security compliance (HIPAA, SOX, PCI).
This position is very technical in nature. This person will provide guidance and mentoring to teammates and handle technical escalations. Represent cybersecurity organization in the most technically, or politically, challenging engagements. Facilitate team operations and ongoing execution of work activity. Backup all teammates in all engagements as necessary/warranted.
• Drive SDL across ITS and business segments, for internal and externally facing applications, including Ecommerce sites, Mobility (Android, Apple IOS), and legacy applications;
• Source code analysis and remediation using Fortify; Network security assessments and analysis for corporate and non-corporate network environments;
• Firewall policy evaluation, review, and design;
• Ensure compliance across applications and networks for PCI, HIPAA, and SOX;
• Provide training and guidance for security including Threat Modeling, Penetration Testing, SDL, Code Security Reviews, Cloud security reviews, third party risk mitigation, and decision making on exception handling.
• Bachelor's degreerequired, preferably in computer science or information systems
• 5+ years of experience leading penetration testing, application testing, and red team engagements
• 10+ years of Information Technology, with a background in Security and Compliance experience
• Experience with security tools such as – Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools
• Experience with scripting languages such as python, ruby, POSIX shell, as well as familiarity with programming languages such as: C/C++/ObjC/C#, Java, PHP, or .NET
• Understanding of:
- Web protocols (e.g., HTTP, HTTPS, and SOAP)
• Experience with WLAN security concepts and testing
• Strong technical communication skills, both written and verbal; ability to explain technical security concepts to executive stakeholders in business language
• While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial.
• Experience in the following regulations and Frameworks: PCI, ISO 27001/2, HIPAA, GLBA, NIST
Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people - nearly a quarter of the world's population - trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With more than 140 years of history of innovation, we believe in recruiting the best people and empowering them do their best work. If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark.
Kimberly-Clark is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, age, pregnancy, genetic information, citizenship status, or any other characteristic protected by law.
The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position.
K-C requires that an employee have authorization to work in the country in which the role is based. In the event an applicant does not have current work authorization, K-C will determine, in its sole discretion, whether to sponsor an individual for work authorization. However, based on immigration requirements, not all roles are suitable for sponsorship.
This position is subject to drug and alcohol testing, including pre-employment testing.
Global VISA and Relocation Specifications:
This role is available for local candidates already authorized to work in the role’s country only. K-C will not provide relocation support for this role outside of country, this role is available for in-country relocationonly.