Security Consultant- Big Data in Alpharetta, GA at HUNTER Technical Resources

Date Posted: 7/10/2019

Job Snapshot

Job Description


Big Data Security Consultant

Summary
This role will directly engage in delivery on programs and projects, defining security architectures, providing security guidance, identifying and prioritizing security-related requirements, promoting secure-by-default designs and facilitating delivery of information security services throughout the system development life cycle (SDLC). The role will also direct consultants in developing appropriate risk treatment and mitigation options to address security vulnerabilities to translate these vulnerabilities into business risk terminology for communication to business stake holders.

Responsibilities
• Define security architectures and provide pragmatic security guidance that balance business benefit and risks.
• Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls
• Perform risk assessments of information systems and infrastructure
• Maintain and enhance the Information Security risk assessment methodology
• Define security configuration standards for platforms and technologies
• Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
• Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders
• Provide knowledge sharing and technical assistance to other team members
• Act as Subject Matter Expert (SME) in responsible technologies and have deep technical understanding of responsible portfolios

Requirements
• Strategic skills to assist with the development of a long-term vision for the firms risk management security framework & approach
• Ability to appropriately balance firm security needs with business impact & benefit
• Ability to facilitate compromise to incrementally advance security strategy and objectives
• Ability to team well with others to facilitate and enhance the understanding & compliance to security policies
• Experience facilitating meetings with multiple customers and technical staff, including building consensus and mediating compromise
• High degree of tolerance for ambiguity
• Five or more years Working experience with the architecture, design and engineering of web-based multi-tier information systems or network infrastructures
• Experience with security architecture, design and assessment of messaging, ERP, CRM and or data analytics solutions
• Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies
• Experience working with common information security standards, such as: ISO 27001/27002, ISO 27017 and ISO 27018, NIST CSF, HITECH, PCI DSS, HIPAA, FFIEC
• Bachelor' s Degree or equivalency (CS, CE, CIS, IS, MIS, or engineering discipline)
• Five or more years of experience in the management of a significant Information Security risk management function
• 8 or more years of experience in an Information Security or Information Technology discipline
• Experience in managing the communication of security findings and recommendations to IT project teams and management
• Exceptional judgment, tact, and decision-making ability
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
• Outstanding management, interpersonal, communication, organizational, and decision-making skills
• Strong English language skills are required
• Experience as a software security architect
• Thorough understanding of securing Data Analytics and AI/ML technology platforms including: Cloudera, Hortonworks, Azure Data Lake Store, Apache Ranger, Apache Atlas, Azure AD
• Good Understanding of Containerization technologies (e.g., Docker)
• Good Understanding of Open Source stack - desirable
• Good understanding of Multi Tenancy based applications
• In-depth knowledge of Cloud-based high-performance compute & storage architecture and security practices
• In-depth knowledge of application security technologies and access management such as SSO, federation, etc.
• Experience in full identity and access lifecycle management (authentication & authorization)
• Familiarity with configuration management concepts and tools (e.g., Git, Subversion, TFS)
• Familiarity with Agile software development concepts
• Data Management privacy, security and data protection experience
• Demonstrated knowledge of industry trends and standards in data management, data governance, cloud security,
• Working knowledge of Enterprise Architecture and Enterprise Security architecture principles and frameworks (SABSA, TOGAF, Zachman, Gartner, DOD etc.)
• Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or: CISSP, CISM, *TOGAF 9 certified