Security Analysis Consultant

india

Overview::

We have an opportunity as an Information Systems Security Engineer (ISSE). In this role you will provide system security engineering services and products to ensure the secure, reliable, and uninterrupted availability of developed and deployed systems.

The ISSE ensures core security engineering principles are implemented into program information system (IS) architectures.

Responsibilities::

Lead the design, implementation, and maintenance of cybersecurity solutions to protect digital assets, including networks, applications, databases, and cloud environments.

-Perform regular security assessments, vulnerability assessments, and penetration testing to identify and address potential weaknesses in our clients' systems and applications.

-Collaborate with internal teams and external partners to develop and enforce security policies, procedures, and standards that comply with relevant regulations and industry frameworks.

-Monitor and analyze security incidents, respond to security breaches, and lead incident response efforts to minimize the impact of security events.

-Applying knowledge of Internal Audit policy and procedures to perform analysis and evaluation to design, implement, test, and field secure systems, networks, and architectures.

-Developing, implementing, and enforcing information systems security policies, ensuring system security requirements are addressed during all phases of the acquisition and Information System (IS) lifecycle.

-Conducting certification and testing by the Risk Management Framework (RMF) and National Institute of Standards and Technology (NIST) policies; identifying deficiencies and providing risk mitigation recommendations.

-Developing the IS artifacts such as Risk Assessments, Security Concepts of Operations (SECONOP), Program Protection Plans, Test Plans, procedures and reports, System Security Plans, and other related documentation.

-Utilizing testing methods, automated tools, plans, and procedures to verify compliance and vulnerability requirements.

-Assess and mitigate system security threats or risks throughout the program life cycle.

-Reviewing Plans of Action and Milestones (POA&Ms) to ensure weaknesses are identified, effective/acceptable mitigation strategies are planned, and timelines are acceptable.

-Contributing to security planning, assessment, risk analysis, risk management, certification, and awareness of system and networking operations activities.-Creating, updating, and maintaining threat models for a wide variety of software projects

-Assist in development of security processes and implementation of automated tooling that prevent security issues.

-Security Engineers will possess knowledge and experience in safeguarding sensitive data from cyber-attacks

-Stay up-to-date with emerging cybersecurity threats, trends, and technologies, and proactively recommend adjustments to our security strategies as needed.

-Provide expert guidance and support to junior cybersecurity team members, fostering professional growth and knowledge sharing.

-Performing other duties and responsibilities as assigned.

Qualifications::

-At least three (3) years of experience as an ISSE on programs and contracts of similar scope, type, and complexity.

-Familiarity with System Life Cycle Development (SDLC) methodologies, the 800 series of NIST Special Publications.

-Must possess practical knowledge of IT audits, full security assessment process.

-Must have familiarity with the use and operation of cybersecurity tools such as security scanners (Qualys). CIS Benchmarks and automated compliance checkers (STIG).

-Expert level familiarity with Microsoft Office Suite (Word, Excel, PowerPoint, Teams, Outlook, Visio, Project, etc.)

-Exceptional verbal and written communication skills, with the ability to collaborate across teams and organizations, including senior-level management.

-Must be able to explain complex cybersecurity concepts to individuals with varying levels of cyber experience.

-BS or BA in Computer Science, Information Assurance, Computer Engineering, or related discipline.

-Four years of relevant experience can be substituted for a degree.

-If the role is located in APJ region working the evening shift(US hours ) is a requirement.

-Have the capability of providing after-hours support and weekend support, if required

-10+ years pf total work experience in IT industry is highly preferred

Company Description

At Quest, we create and manage the software that makes the benefits of new technology real. Companies turn to us to manage, modernize, and secure their business, from on-prem to in-cloud, from the heart of the network to the vulnerable endpoints. From complex challenges like Active Directory management and Office 365 migration to database and systems management to redefining security, and hundreds of needs in between, we help you conquer your next challenge now.

We’re not the company that makes big promises. We’re the company that fulfills them.

We’re Quest: Where Next Meets Now.

Why work with us!

-Life at Quest means collaborating with dedicated professionals with a passion for technology.

-When we see something that could be improved, we get to work inventing the solution.

-Our people demonstrate our winning culture through positive and meaningful relationships.

-We invest in our people and offer a series of programs that enable them to pursue a career that fulfills their potential.

-Our team members’ health and wellness is our priority as well as rewarding them for their hard work.

Quest is an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations, and ordinances.

Come join us. For more information, visit us on the web at Quest Careers | Where next meets now. Join Quest.

Job seekers should be aware of fraudulent job offers from online scammers and only apply to roles listed on quest.com/careers using our applicant system. Note: We do not use text messaging or third-party messaging apps like Telegram to communicate with applicants, so please exercise caution if you are approached in this way and only interact with people claiming to be Quest employees if they have an email address ending in @quest.com.