Senior Lead Info Security/Cybersecurity Engineer
Posted on Jun 3, 2021 by MCG - Midwest Consulting Group
Title: Sr. Lead Info Security/Cybersecurity Engineer
Years of experience: 10
Overview: Hands on technical lead role in charge of information/cybersecurity strategy and choosing a software for the info security team. Will need to have a risk and compliance background and conduct penetration testing, create policies and procedures then test them. Will also mature and maintain the ISMS and GDPR program on a GRC platform.
- Certifications to include CISSP, CISM, GIAC, Offensive Security, etc.
- Scanning and testing tools (DAST, SAST, API. Mobile, etc), penetration testing tools and platforms (NMAP, Nikto, OWASP-ZAP, WireShark, Burp Suite, etc), risk management tools, etc
- Securing and monitoring cloud environments
- Implementing policies and procedures for compliance and audits
- Threat Modeling (STRIDE, Trike, P.A.S.T.A.)
- Demonstrated understanding of Essential strategies to gather events, analyze them, and determine classification and criticality of security vulnerabilities and code weaknesses
- Privacy and GRC (Governance, Risk Management, and Compliance)
- Frameworks such as MITRE ATT&CK, PTES, OWASP, NIST
- Ability to manage a team of internal auditors to assist with Information Security internal audit