Previous Job
Information Security Consultant
Ref No.: 18-72295
Location: Memphis, Tennessee
Position Type:Contract
Start Date: 10/01/2018
 Job Description:
Role: Information Security Consultant
Location: Memphis, TN
Job Type: Contract
Duration: Long Term
Position Summary: This individual should be a motivated self-starter and have a strong foundation and understanding in Information Technology and security vulnerabilities as well as be familiar with threat modeling and attack scenarios. The scope of this role includes the ability to perform security penetration testing in various environments, simulate real world cyber-attack scenarios against a plethora of technologies related to hospitality and lodging, as well as knowledge on how to successfully conduct a security red team exercise. The candidate must be able to provide actionable recommendations and guidance for clients based on the assessment findings. This candidate should have excellent communication skills, both written and oral, be willing to learn and execute on any client requests, and have the ability to interact with customer staff in structured and unstructured situations.
Direct Reports: This role will oversee and supervise contractors and consultants based on demand and project needs.
Please list specific qualifications/experience, knowledge, skills and abilities needed for this position.
Required Qualifications
  • Self-Starter with ability to spin up quickly on technologies, issues, topics, and advances in the cyber security field
  • "Can do” attitude willing to take on challenging opportunities and projects that require ongoing learning and self-training
  • Minimum of 5 years professional experience in the Information Technology/Information Security industry
  • Minimum of 2 years Professional Experience IT-Related Penetration Testing Activities
Experience with multiple Information Security domains
  • Cyber Architecture
  • Endpoint Protection
  • Network Security
  • Infrastructure Security
  • Application Security
  • Database and Platform Security
  • Identity & Access Management
  • Policy & Governance
  • Cloud Security
  • RFID
  • BLE
  • Encryption
  • Penetration Testing
  • Vulnerability Scanning & Management, and
  • Compliance & Risk Management
  • Experience with execution of a variety of penetration testing assessments and vulnerability assessments to include network penetration testing, web application penetration testing, RF and RFID, Bluetooth, Zigbee, mobile device penetration testing, IoT testing as well as physical and social engineering exercises.
  • Knowledge of the cyber threat landscape to include Advanced Persistent Threats, Cyber Crime, Hacktivism; specifically, the tactics, techniques and procedures they apply to a cyber-threat attack.
  • Knowledge and understanding of attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
  • Strong skills in various operating systems and enterprise platforms to include: Windows, Linux/Unix, Mac OS, iOS, Android, Active Directory, .Net framework, Oracle business products, SAP, etc.
  • Experience with typical scripting and programming languages – to include PowerShell, Python, VBA, Javascript, C++, SQL, etc.
  • Experience Developing Vulnerability Reports with detailed finding descriptions, test case reproduction steps, and prioritized recommendations.
  • Experience presenting the results of penetration tests to client stakeholders to include senior or executive leadership
  • Prior experience working with the Kill Chain, Diamond Model of Intrusion, and similar frameworks and concepts.
  • Strong technical skills with the ability to adapt to new technologies and security controls on the fly.
Cyber security certifications such as
  • CEH
  • GCIA
  • OSCP &
  • OSCE
  • Experience with penetration testing processes, tools, and technologies and extensive knowledge of best practices regarding their implementation
  • Strong interpersonal, verbal, and written communication skills to successfully accomplish client-facing interactions