The candidate should have a working knowledge of desktops and servers in Windows, Linux (Kali, RHEL) and macOS environments.
This resource should be familiar with common security frameworks, standards, and controls from the NIST Cybersecurity Framework, CIS Benchmarks, and ISO 27002.
While secure coding and development experience is not required, knowledge of OWASP testing methodology is desirable.
You'll be expected to perform both management and technical security tasks, such as:
● Administering security awareness training
● Performing security reviews
● Conducting vulnerability and risk assessments
● Managing an ongoing risk register
● Drafting proposals for projects (RFPs and RFQs)
● Configuring firewall policies, network routes, and security controls in information systems
● Conducting incident response and network security troubleshooting activities
The ability to perform these skill sets should be supported by one or more of the cyber security industry certifications below:
● CISM, CISSP
● PCNSE, SECURITY+, PENTEST, or equivalent
● CCNA/NP or equivalent
● AWS Solution Architect or GCP Professional Cloud Architect/Security Engineer