Cybersecurity Consultant- Autonomy/Automation

About The Position

Requirements

• Security
• Application Security
• Secure SDLC
• IoT Security
• CI/CD
• Automation
• SCA
• SAST
• DAST
• API Security
• Web Security
• Experience with relevant industry standards, such as: o EU-CRA o ISO 27001 o NIST CSF o NIST 800-82 o ISA 62443 o OWASP
• Experience with a wide variety of information security processes and principles, such as: o Power BI o Application architecture and DevOps tooling o Connected Asset Security o Developing and deploying services within cloud platforms o Integration and automation of security into SDLC and CI/CD development processes o Threat modeling & Risk analysis o Vulnerability assessment and remediation o Identity and Access Management standards and best practices o Defense in depth o Embedded systems security o Networking concepts on-prem and cloud o API & Web services security
• Analytical Thinking: Knowledge of techniques and tools that promote effective analysis; ability to determine the root cause of organizational problems and create alternative solutions that resolve these problems.
• Consulting: Knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply consulting knowledge appropriately.
• Decision Making and Critical Thinking: Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.
• Technical Excellence: Knowledge of a given technology and various application methods; ability to develop and provide solutions to significant technical challenges.
• Information Security Administration: Knowledge of information security administration; ability to develop and apply an organization's information security policies, standards and procedures ensuring the integrity and safety of information.
• Effectiveness Measurement: Knowledge of effective measurement techniques and ability to measure the quality and quantity of work effort for the purpose of improvement
• Planning: Tactical, Strategic: Knowledge of effective planning techniques

Responsibilities

• Integrate and collaborate with DT&D business partners to ensure understanding of key business strategies and challenges.
• Provide cybersecurity expertise and leadership in defining, prioritizing, and executing key initiatives that deliver cyber safe solutions and enable business strategy.
• Evaluate solutions and identify technical and process improvements that deliver alignment with secure SDLC & DevSecOps best practices and Information Security Directives
• Assist in solution architecture development/documentation and perform architecture security reviews.
• Provide technical and process expertise associated with cyber governance, risk, and compliance activities.
• Drive the remediation of known vulnerabilities while developing and executing strategies that deliver operationally sustainable vulnerability management.
• Identify, track, and report key cyber metrics to business unit stakeholders.
• Develop/own documented strategies to address key cyber risk areas.
• Maintain current knowledge on existing security procedures, directives and technology controls including secure application architecture, threat modeling, attack and penetration testing, data classification and data handling.
• Participate in working groups and provide insights into solution development teams on leading architecture, design, and security practices.

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)