Crescens
IT Security Specialist
Crescens, Raleigh, West Virginia, us, 25911
Job title : IT Security SpecialistLocation: Raleigh, NCDuration : 5+ MonthsInterview: Webcam Interview OnlyType: Onsite Role
Job Description:Client is seeking an Information Technology (IT) professional with proven application security testing experience using tools such as BURP Suite, Fortify and manul testing. Duties include, are not limited to:
Experience with Security testing tools to implement the security framework in DevSecOps. Experience with application security testing tools such as BURP suite, Fortify and manual testingFamiliar with application development frame work such as .net, java, spring boot etc.Detailed understanding and strong skill set in operating and working with the Splunk toolsetExperience in finding OWASP top 10 vulnerabilities and provide guidance to the application development team to remediate the identified vulnerabilitiesExperience in using vulnerability management tools such as Qualys and to work with stake holders to remediate the identified vulnerabilities in a timely manner.Expertise with Linux, windows and Command-line interfaceExcellent troubleshooting skills and strong technical learning aptitude required. Experience in HIPAA Privacy & Security Risk AssessmentsImplement the security framework within the DevSecOps environment, leveraging security testing tools like BURP Suite, Fortify, and manual testing.Work with a variety of application development frameworks, including .NET, Java, Spring Boot, and others.Identify and assess OWASP top 10 vulnerabilities and provide guidance to the application development team for remediation.Utilize vulnerability management tools, such as Qualys, to identify and promptly address vulnerabilities while collaborating with stakeholders.Showcase expertise in operating systems such as Linux and Windows, as well as proficiency in Command-line interfaces.Possess excellent troubleshooting skills and a strong aptitude for technical learning.Conduct HIPAA Privacy & Security Risk Assessments to ensure compliance and data security. Qualifications:Bachelor's degree in a relevant field (preferred).Industry-recognized IT security certifications (e.g., CISSP, CISM, CEH) are a plus.Proven experience in application security testing, vulnerability management, and incident response.Familiarity with healthcare data security regulations, including HIPAA.Strong communication skills and the ability to collaborate effectively with diverse teams.Analytical mindset and problem-solving abilities.Splunk certifications
Required/Desired Skills:
Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies.Experience updating privacy and security policies based on gaps found through an assessment process.Client, evaluate, assess, systems, networks, and components through the use of vulnerability scanning and risk assessment method.Experience documenting vulnerability assessment results in ccurate, clear, actionable, and available way to appropriate personnelMust be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needsMust be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies.Experience Performing risk assessments based on NIST 800- 53 Rev 4. ISO-27001, HIPAA, and IRS Pub 1075.Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP.
Job Description:Client is seeking an Information Technology (IT) professional with proven application security testing experience using tools such as BURP Suite, Fortify and manul testing. Duties include, are not limited to:
Experience with Security testing tools to implement the security framework in DevSecOps. Experience with application security testing tools such as BURP suite, Fortify and manual testingFamiliar with application development frame work such as .net, java, spring boot etc.Detailed understanding and strong skill set in operating and working with the Splunk toolsetExperience in finding OWASP top 10 vulnerabilities and provide guidance to the application development team to remediate the identified vulnerabilitiesExperience in using vulnerability management tools such as Qualys and to work with stake holders to remediate the identified vulnerabilities in a timely manner.Expertise with Linux, windows and Command-line interfaceExcellent troubleshooting skills and strong technical learning aptitude required. Experience in HIPAA Privacy & Security Risk AssessmentsImplement the security framework within the DevSecOps environment, leveraging security testing tools like BURP Suite, Fortify, and manual testing.Work with a variety of application development frameworks, including .NET, Java, Spring Boot, and others.Identify and assess OWASP top 10 vulnerabilities and provide guidance to the application development team for remediation.Utilize vulnerability management tools, such as Qualys, to identify and promptly address vulnerabilities while collaborating with stakeholders.Showcase expertise in operating systems such as Linux and Windows, as well as proficiency in Command-line interfaces.Possess excellent troubleshooting skills and a strong aptitude for technical learning.Conduct HIPAA Privacy & Security Risk Assessments to ensure compliance and data security. Qualifications:Bachelor's degree in a relevant field (preferred).Industry-recognized IT security certifications (e.g., CISSP, CISM, CEH) are a plus.Proven experience in application security testing, vulnerability management, and incident response.Familiarity with healthcare data security regulations, including HIPAA.Strong communication skills and the ability to collaborate effectively with diverse teams.Analytical mindset and problem-solving abilities.Splunk certifications
Required/Desired Skills:
Risk Management - must be able to Identify gaps through risk management, and assist in the development of mitigation strategies.Experience updating privacy and security policies based on gaps found through an assessment process.Client, evaluate, assess, systems, networks, and components through the use of vulnerability scanning and risk assessment method.Experience documenting vulnerability assessment results in ccurate, clear, actionable, and available way to appropriate personnelMust be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needsMust be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies.Experience Performing risk assessments based on NIST 800- 53 Rev 4. ISO-27001, HIPAA, and IRS Pub 1075.Experience with network mapping and vulnerability scanning tools such as NESSUS and NMAP.