Location: Plano, Texas

Description
A security consultant with infrastructure, security, and architecture experience to work with the Client Project Development team and act as a communication nexus with the client Infrastructure and Security team. The goal of this engagement is to maintain forward momentum on approvals, inquiries, and follow up actions necessary for successful project delivery.

Engagement tasks will include:

• Catalog risks based on design reviews
• Conduct initial security design review of proposed infrastructure
• Develop recommendations to improve confidentiality, integrity, and availability of systems and critical data
• Conduct ongoing reviews of project from a security perspective, to identify emerging issues and track compliance towards recommendations
• Adhere to all compliance and regulatory requirements such as NYDFS, HIPAA, CCPA and others where applicable.
• Ensure architectural design adheres to industry standards and best practices such as NIST/ISO/CIS/CSA
• Evaluate incoming technical requests between the client Security and client Infrastructure teams
• Validate and clarify requests to determine if sufficient information has been submitted for an appropriate client Leadership decision to be made
• Communicate concerns or potential risk to client leadership
• Facilitate communication between teams to maintain task momentum
• Technical oversight and project management in support of security consulting services

For the length of this project, the consultant’s guidance will be focused on the following areas:
Principle of “Default Deny”

• Host-to-host and server-to-server communications
• Developer access (separation of duties)
• Secure configuration and implementation guidance for various technologies including Linux, Mongo, Hadoop, Talend, SQL, Mongo Atlas, Splunk, Azure cloud, and others as needed
• Logging, monitoring, alerting, and audit trails Identity and access management
• Patching and vulnerability management Compliance (NYDFS, HIPAA, CCPA, and others as needed)
• Client data encryption (at rest and in transit) Validation of security controls that have been implemented

Salary: 

• 100k to 130k (Full-time)