Job description
Job Title : Information Security Specialist
Location : Gresham, Oregon, 97230
Duration: 12 Months(Contract)
Job Description
Acquisition Specialist Responsibilities:
-Discover vulnerability tool inventory & identify immediate gaps
-Evaluation & assist in Integratation or Migratation to USB Tools.
-Discover asset management process and respository for infrastructure, software, cloud, container, identify immedate gaps
-Discover High Value Asset (HVA/Tier1 Assets) critera defintion, treatment, inventory maintenence process
-Identify and define managed vulnerablity scanning and managed services, contract terms/dates, services provided with acquisition responsiblities
-Identify current vuln remedation performance evaluated against acquisition SLA's and compared to USB SLA's
-Assist in transition to future state vuln scanning sevices and technology intergation changes
-Discover baseline configuration standard definition, management and remediation processes, assist with transition to future state Baseline scanning services or integration
-Identify current critical vulnerability risk issues (issue or root cause management) open or not closed & current remediation state
-Assist with establishing quarterly vulnerability/baseline governance reviews are established
-Assist with integrating into USB escalation processes
-Identify tech debt (EOL/OBS assets & Software) current state
-Identify Secrets (Gitlab) monitoring and remediation
-Bitsight Identification and Remediation Plan discovery
-Identify acquisition patch cadence & mitigation workflows
-Assist in identifying ServiceNow Integration USEM technology data feeds, assignment and remediation workflow development and implementation criteria
Location: Hybrid, onsite 60%+ of the time. Preference given to the Portland, St Louis, Minneapolis, or Hopkins hubs. Will also consider candidates sitting in Atlanta, Boston, Charlotte, Chicago, Cincinnati, Denver, Fargo, Knoxville, or Milwaukee.
Can you please provide a summary of the project/initiatives which describes what's being done?
Individual will be working with the team and the project manager to create and document existing functions/criteria/gaps for a new acquisition.
What are the top 5-10 responsibilities for this position?
Attend meetings to drive results and document progress, report regularly to management, evaluate & provide feedback on process/procedure work, work with scanning team and VCRS Team to tune needs for integration, assist in the design plan and implementation testing of the migration to USB systems
What skills/technologies are required?
1 to 2 years in business process design, Visio/Lucid design skills, documentation skills, Experience with vulnerability scanning tools
What skills/attributes are preferred?
Bitsight Exp, ServiceNow Exp
What does the interview process look like?
o How many rounds? 2 to 3
o Video, phone, or in person? Video/In person depends on location of candidate
o How technical will the interviews be? Moderately
Most Popular Jobs Similar to Information Security Specialist
information security analyst
information systems security specialist
information security consultant
it security specialist
cyber security specialist
information security associate
information systems security analyst
security analyst
computer security specialist
information technology security analyst
Frequently asked questions
Q: What skills or qualities help someone succeed as a Information Security Specialist?
A: To succeed as an Information Security Specialist, key technical skills include proficiency in security frameworks and protocols (e.g., NIST, HIPAA), programming languages (e.g., Python, C++), and security tools (e.g., firewalls, intrusion detection systems). Additionally, strong analytical and problem-solving skills, as well as effective communication and collaboration skills, are essential for working with cross-functional teams and stakeholders to identify and mitigate security risks. These technical and soft skills enable Information Security Specialists to effectively protect an organization's assets and data, supporting career growth and effectiveness in the role.
Q: What is the career path for a Information Security Specialist?
A: A typical career path for an Information Security Specialist involves progression from entry-level roles such as Security Analyst or Junior Penetration Tester, to mid-level positions like Security Consultant or Incident Response Specialist, and ultimately to senior roles like Chief Information Security Officer (CISO) or Security Architect. Key opportunities for skill development and professional growth include certifications like CompTIA Security+ or CISSP, as well as hands-on experience with security tools and technologies, and staying up-to-date with industry trends and best practices. Long-term career prospects may lead to leadership positions in security, or opportunities to transition into related fields like cybersecurity consulting, risk management, or digital forensics.
