Manager, IT Security and Privacy Consulting
Company: Protiviti Inc.
Location: New York, NY
Posted on: November 20, 2018
Job Description:
Position: Manager, IT Security and Privacy Consulting (New York, NY)

Protiviti is a global consulting firm that helps companies
solve problems in finance, technology, operations, governance, risk
and internal audit. Through our network of more than 70 offices in
over 20 countries, we have served more than 35 percent of FORTUNE® 1000
and Global 500 companies. We also work with smaller, growing
companies, including those looking to go public, as well as with
government agencies. Protiviti is a wholly owned subsidiary of Robert Half
International Inc. (NYSE: RHI). Founded in 1948, Robert Half International is a
member of the S&P 500 index.

Duties: Perform manual and automated testing to exploit
vulnerabilities in web and mobile applications based on the OWASP Top 10, which
includes cross-site scripting, cross-site request forgery, SQL
injections, session hijacking and buffer overflows to obtain controlled
access to target systems. Perform manual and automated secure code reviews
to ensure proper security controls are present in applications.
Perform network traffic forensic analysis and utilize packet capturing
software to isolate malicious network behavior and inappropriate network
use and identify insecure network protocols. Demonstrate knowledge of
industry cybersecurity standards and regulations like HIPAA, FFIEC, NIST,
ISO, PCI, etc. Contribute to creation of information security
policies and procedures. Pursue business opportunities and serve as
ambassador of Protiviti in the market.

Requirements: Master’s degree (or foreign equivalent) in
Computer Science, Security Informatics, Information Systems, Engineering,
or related field and two (2) years of experience performing
information security risk management and architecture review. Also requires demonstrated expertise performing web and
mobile application security reviews to perform vulnerability analysis
and ensure secure access, utilizing Kali Linux and various tools,
including Burp Suite, Wireshark, NMap, and Metasploit; demonstrated
expertise performing HIPAA, FFIEC, PCI, and SOX risk and gap
assessments; demonstrated expertise performing manual and automated secure
code reviews to ensure proper security controls are present in
software applications written in various languages including C, C++,
Python, Java, ASP.Net and Objective C; demonstrated expertise reviewing
levels of access within client teams to ensure appropriate access
limits to secure data; demonstrated expertise assessing network and
application security including performing scans using HP Fortify, Veracode,
Nessus and/or Qualys and thereby remediating identified
vulnerabilities; demonstrated expertise performing PCI Gap Assessments and
guiding remediation activities; demonstrated expertise interfacing with
client architecture, development, and QA teams throughout the
application development life-cycle to analyze security issues during
development, and presenting findings to C-level suite executives. Must
have certification in CISSP, CISM, CISA, CRISC or PCI QSA.

Submit resume to Job Code MITSPC2018, Dana S. Portnoy,
Protiviti, 125 High Street, 17th Floor, Oliver Street Tower, Boston, MA
02110