What are the responsibilities and job description for the IT Security Specialist position at Diversified Systems, Inc.?
Onsite
Description
DSI is searching for an IT Security Specialist to be a member of the ESS Security & Infrastructure Operations team. This senior level IT Security will support the team by leading major security initiatives, implementations, and integrations. Additionally, the resource will drive application and infrastructure security within multiple platforms to minimize application vulnerabilities and application risk.
Responsibilities
Security Integration: Integrate security as an integral part of the CI/CD pipeline, automating security testing and scanning processes.
Vulnerability Management: Identify, assess, and manage security vulnerabilities throughout the SDLC.
Security Automation: Implement and maintain security automation tools and scripts to streamline security processes.
Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to identify potential security vulnerabilities.
Security Policy and Compliance: Enforce security policies and ensure compliance with agency policies and relevant regulations and standards.
Collaboration: Work closely with other IT teams and stakeholders to ensure security best practices are followed.
Incident Response: Participate in security incident response and recovery efforts.
Continuous Improvement: Continuously improve security practices and tools based on industry best practices and emerging threats.
Documentation: Document security processes, procedures, and findings.
Requirements
4 year College Degree required.
4 years proficiency with security scanning and vulnerability management tools (Qualys, Checkmarx, AutoRabit CodeScan) required.
4 years proficiency with DevOps platforms (Azure DevOps, Copado) required
4 years proficiency with operating systems (Windows, Linux) required
4 years experience with administering (security controls and management) Cloud computing platforms (Salesforce) required.
4 years experience working knowledge of security frameworks and standards (OWASP Top10, SANS 25, NIST SP 800-53, etc.) required.
4 years working knowledge of web application security tools (F5 Web Application Firewall, Cloudflare, AppOmni) required.
4 years working knowledge of SIEM/SOAR tools (Chronicle, Splunk) required.
4 years working knowledge of integration platforms (ServiceNow, MuleSoft, Oracle Integration Cloud, Tibco) required.
CompTIA Security Certification highly desired.
CySA Certification highly desired.
CISM Certification highly desired.
CISA Certification highly desired.
Familiarity with scripting and programming languages (Python, Power Shell,.Net) nice to have.
Familiarity with Cybersecurity platforms (CrowdStrike) nice to have.
About Diversified Systems
Founded in 1990, Diversified Systems is an award-winning Technology Services corporation providing all levels of IT project consulting services nationwide. DSI is headquartered in Columbus, Ohio with regional offices in the American Midwest and East Coast. We offer our consultants a number of flexible and competitive compensation benefit packages.
Diversified Systems is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations.
Diversity, Equity and Inclusion
DSI values authenticity and is committed to making sure our employees and partners are valued and respected. At DSI, we believe building a diverse culture is important because we know when people work together, we can achieve better results as a team. DSI realizes that everyone comes from various backgrounds. We celebrate these differences because our employees are our greatest asset as we strive to best meet the needs of those we serve. As part of our ongoing efforts, DSI is focused on advancing equality, diversity, and inclusion by setting high standards to continually evolve our culture. This includes but is not limited to recruiting, community involvement, client delivery, and career development.
Description
DSI is searching for an IT Security Specialist to be a member of the ESS Security & Infrastructure Operations team. This senior level IT Security will support the team by leading major security initiatives, implementations, and integrations. Additionally, the resource will drive application and infrastructure security within multiple platforms to minimize application vulnerabilities and application risk.
Responsibilities
Security Integration: Integrate security as an integral part of the CI/CD pipeline, automating security testing and scanning processes.
Vulnerability Management: Identify, assess, and manage security vulnerabilities throughout the SDLC.
Security Automation: Implement and maintain security automation tools and scripts to streamline security processes.
Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to identify potential security vulnerabilities.
Security Policy and Compliance: Enforce security policies and ensure compliance with agency policies and relevant regulations and standards.
Collaboration: Work closely with other IT teams and stakeholders to ensure security best practices are followed.
Incident Response: Participate in security incident response and recovery efforts.
Continuous Improvement: Continuously improve security practices and tools based on industry best practices and emerging threats.
Documentation: Document security processes, procedures, and findings.
Requirements
4 year College Degree required.
4 years proficiency with security scanning and vulnerability management tools (Qualys, Checkmarx, AutoRabit CodeScan) required.
4 years proficiency with DevOps platforms (Azure DevOps, Copado) required
4 years proficiency with operating systems (Windows, Linux) required
4 years experience with administering (security controls and management) Cloud computing platforms (Salesforce) required.
4 years experience working knowledge of security frameworks and standards (OWASP Top10, SANS 25, NIST SP 800-53, etc.) required.
4 years working knowledge of web application security tools (F5 Web Application Firewall, Cloudflare, AppOmni) required.
4 years working knowledge of SIEM/SOAR tools (Chronicle, Splunk) required.
4 years working knowledge of integration platforms (ServiceNow, MuleSoft, Oracle Integration Cloud, Tibco) required.
CompTIA Security Certification highly desired.
CySA Certification highly desired.
CISM Certification highly desired.
CISA Certification highly desired.
Familiarity with scripting and programming languages (Python, Power Shell,.Net) nice to have.
Familiarity with Cybersecurity platforms (CrowdStrike) nice to have.
About Diversified Systems
Founded in 1990, Diversified Systems is an award-winning Technology Services corporation providing all levels of IT project consulting services nationwide. DSI is headquartered in Columbus, Ohio with regional offices in the American Midwest and East Coast. We offer our consultants a number of flexible and competitive compensation benefit packages.
Diversified Systems is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations.
Diversity, Equity and Inclusion
DSI values authenticity and is committed to making sure our employees and partners are valued and respected. At DSI, we believe building a diverse culture is important because we know when people work together, we can achieve better results as a team. DSI realizes that everyone comes from various backgrounds. We celebrate these differences because our employees are our greatest asset as we strive to best meet the needs of those we serve. As part of our ongoing efforts, DSI is focused on advancing equality, diversity, and inclusion by setting high standards to continually evolve our culture. This includes but is not limited to recruiting, community involvement, client delivery, and career development.
