Cyber Security Project Manager/Technical Writer at Zensar Technologies
Baltimore, MD 21201
About the Job
Cyber Security PM cum Technical Writer and Researcher
Remote Role
Fulltime- Permanent Role
Salary- 80k-93k/Year+ Benefits- DOE
This role will report to the Senior Manager, Special Services and play a key role in helping shape the future of the Client's Information Security program. We are looking for an experienced cybersecurity practitioner with an exceptional level of understanding of leading security technologies and prevailing and emerging threat methodologies.
Essential Functions:
- Conduct open-source research to gather and analyze security information on vendors, software, platforms, applications, and appliances.
- Perform security reviews to evaluate the effectiveness of security controls and recommend acceptance or disapproval of vendors/items.
- Develop and document information assurance/security standards and procedures, including Standard Operating Procedures (SOPs).
- Identify, report, and resolve/mitigate security violations.
- Collaborate with infrastructure and engineering teams to integrate security requirements into their projects.
- Develop business requirements, security requirements, architecture diagrams, implementation guidance, and project management for security technology deployments.
- Advise and support the execution of projects on the security capabilities roadmap, developing security integration plans to protect existing infrastructure and incorporate future solutions.
- Participate in security architecture reviews to integrate requirements as part of the project management lifecycle. Ensure technology initiatives are implemented within our framework.
- Plan, execute, and report on strategic and tactical operational security activities and key performance metrics.
- Provide technical data security assistance to internal teams implementing new systems or modifying existing applications.
- Conduct security design reviews and security system tests for hardware and software containing sensitive information prior to placing project deliverables into operation, ensuring results are captured in the overall Information System documentation.
- Provide guidance on needs and priorities to partners on the integration of information security aspects into new hardware platforms.
- Work closely with information technology leaders across the company to help them evaluate and prioritize secure hardware best practices and identify areas of improvement.
- Build strong relationships and collaboration with information technology and cross-functional teams across the company.
- Actively solicit feedback from teams and use that feedback to improve operational effectiveness as infrastructure scales.
- Communicate effectively across departmental boundaries to foster relationships and ensure understanding of security processes.
- Confidently inform individuals of security processes and, when necessary, deny requests that do not meet security standards.
- Conduct assessments of existing IT architecture for compliance with security requirements from applicable security frameworks (such as HITRUST CSF, NIST 800-53, etc.).
- Create documentation to support information system authorization/accreditation packages.
- Maintain Federal IT security policies, standards, and guidance.
- Participate in Incident Response and scheduled On-Call activities.
- Logically organize SharePoint and identify missing documentation.
- Revise ServiceNow workflows.
- Maintain accurate project documentation.
- Proofread SOPs for accuracy, consistency, and content.
- Assist in developing policies and procedures.
- Assess organizational software, hardware, platforms, and vendors; audit their compliance with guidelines and document the review outcomes.
- Other duties as assigned.
Education and Experience:
- 3+ years of demonstrable Information Security experience, particularly in Security Engineering and Security Operations.
- Thorough understanding of open-source intelligence (OSINT) methods and research techniques.
- Strong critical thinking and analytical skills for evaluating security information and making recommendations.
- Ability to work independently and manage multiple tasks effectively.
- Proficiency in using ServiceNow and SharePoint for managing security incidents and documentation.
- Extensive Windows, Mac, Linux, and Unix experience, including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies.
- Knowledge of desktop, server, application, database, and network security hardening principles and practices for threat prevention.
- Experience in security architecture design, network segmentation, firewall rule sets, network edge access control lists, and cloud security.
- Expertise with hybrid cloud infrastructure (on-premise and public cloud, AWS, Azure, GCP) with a particular focus on the security strategy and implementation.
- Solid understanding of NIST CSF and the CIS Cybersecurity Framework.
- Desirable certifications include Certified Cloud Security Professional (CCSP), CompTIA Security+, Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Threat Intelligence Analyst (CTIA), Offensive Security Certified Professional (OSCP), and Certified Purple Team Expert (CPTE).
Competencies:
- Analytical
- Customer/client service focused
- Leadership
- Prioritization/organization
- Problem solving/analysis
- Teamwork/ building effective teams
- Technical capacity
Salary
80,000 - 90,000 /year
Benefits
Benefits