Job Title: Junior Client Facing Security Officer
Company: US Tech Solutions
Position: Junior Client Facing Security Officer
Location: Richmond VA
Duration: 6 months with possible extension
• Minimum Bachelor’s Degree (Specialization in Info Security is a big plus) of equivalent experience
• 6+ years of proven experience in Information Security domain
• Must have experience reporting to CISO/senior security leadership.
• Adept at understanding the overall security/threat landscape and proposing solutions to mitigate risks from this environment.
• Must have excellent understanding of tools and processes used for strengthening information security posture (Infrastructure Security devices – IDS/IPS, FW, VPN etc; Vulnerability Scanning tools, host based security systems, ISO 27001 controls etc.)
• This is a client facing role - Excellent oral, written and presentation skills in English.
• Ability to work with the virtual teams
• Must have good understanding of IT infrastructure architecture.
• Must be an intelligent, articulate and persuasive individual who can serve as an effective advisor to the senior client security leadership.
• Should be able to communicate security-related concepts to a broad range of technical and non-technical staff and drive security across multiple teams
• Security certifications desired – CISA, CISM, CISSP, ISO 27001 - LA, LI, CGEIT etc.
• The CFSO is the central hub for all security related issues and concerns across the various towers that exist – Client engagement.
• These issues and concerns, whether raised by the client , will be evaluated and handled appropriately, which involves communication between all involved parties.
• Clear definitions of major and minor security threats for the specific solution are determined during the initial phases of the project, together with planned remediation, resulting in a project security threat matrix.
• The CFSO is directly involved in documenting and resolving all major security events and incidents by investigating and assisting the operations teams as needed.
• For minor events like a single infected computer, operations staff may handle the remediation of the event.
• The CFSO maintains the reports and records of security events and makes them available to appropriate personnel (such as forensics staff) as and when required.
• The CFSO is the direct communications link between the client’s Information Security representative(s)
• If so directed in the contract, the CFSO will notify the client’s Information Security representative(s) of any emerging information security threats or trends that may impact either the services that is providing or the operations of the customer.
• This may take the form or direct emails, periodic newsletters, meetings etc.
• The CFSO is part of the security tower (to ensure a standard approach) and works directly with the client’s Information Security representative.
• Contractual requirements may require adherence to specific client policies and procedures by or some type of alignment of policies and procedures between the two organizations.
• The CFSO will review the client policies and procedures that are provided (initially and from time to time) and make recommendations or changes to ensure that will fulfill these requirements within the recommended standards determined by the Security Tower.
• This will usually involve working with the client’s Information Security representative and the Account manager
• The CFSO will coordinate various information security activities within the client environment, such as vulnerability scans, access control audits and security awareness and training.
• These activities and any deliverable reports are based on the contractual requirements and the standards determined by the Security Tower.
• Some of these information security activities will also be a part of the client’s internal security regimen.
• It is the CFSO’s responsibility to review reports from these activities as they relate to the client’s environment and recommend appropriate action when needed.
• The CFSO will work with client auditors and regulatory authorities as required.
• As information security gaps are detected by either the CFSO, the client, auditors or the service delivery team, the CFSO will take steps to ensure that each gap is either closed (within the standards determined by the Security Tower) or, if the gap cannot be closed, then the CFSO will work with the client’s Information Security representative to mitigate the risks and ensure that the client understands and acknowledges the residual risks.
• The CFSO will develop, as needed, and distribute various security documents that are used by the service delivery team or are required by contract.
• Examples of these documents are reports and forms such as Incident Reports and Access Control Reports as well as BeATo (proprietary tool) reports.
• Some of these items may be only needed for internal purposes while others may be needed to fulfill a deliverable requirement.
• The CFSO will ensure the client facing delivery environment is periodically assessed for risks through a formal risk assessment process followed.
• The activity and results are combined with the risk assessment activity carried out for the rest of operations in that location.
• The CFSO holds periodic Review Meetings with the client’s Information Security representative as part of the contract’s governance processes.
• The CFSO will inform the client of our own security assessments (BeATo results) and takes note of improvement or corrective actions as observed by the client; and implement them.
• Launch Vulnerability test, Launch Compliancy test, Audit follow up, Launch internal audit ( Password compliancy…), Security incident management, Security risk management (risk register follow up ), Weekly meeting with Client CSO, Biweekly meeting with RMIS (security team of ST), Weekly PMO meeting ( internal ), Monthly Virus summary reporting, Review of daily attack, new virus detection, correlation SEP and Trend.
• BCP DRP review, Follow up of Ongoing actions, launched, and proposal.
• Follow up of Virus remediation action (left alone and CMS servers)
• Assessment of new proposal or improvement and new design of security solution proposed.