Cloud and Container Information Security Consultant

As an Information Security Consultant, you will help implement container scanning services to support cloud infrastructure and development processes. You will ensure the cloud infrastructure adheres to industry best practices, regulatory requirements and baseline compliance, with a focus on cybersecurity. We will depend upon your expertise to recommend new technologies, processes, or methodologies to continuously improve our cloud/container vulnerability management service. In this role, a typical day will include: Consultations to application developers and system owners regarding container vulnerabilities Managing the Twist lock Defenders, collection creations, scanning registries, creating firewall and runtime policies Administration and Management of all Twist lock components Supporting the vulnerability remediation process for container images This position leads the development of security testing strategies, methodologies, and standard processes for large-scale, complex IT initiatives spanning multiple information security domains. This role also leads complex security test data analysis and identifies and assists in defining the impact of requirements on upstream and downstream solution components.This role also provides insight and influence to senior management and business leaders on how to integrate security requirements with current systems and business processes across the enterprise, as well as driving for continuous process improvement. Essential Responsibilities: Conducts or oversees business-specific projects by applying deep expertise in subject area; promoting adherence to all procedures and policies; developing work plans to meet business priorities and deadlines; determining and carrying out processes and methodologies; coordinating and delegating resources to accomplish organizational goals; partnering internally and externally to make effective business decisions; solving complex problems; escalating issues or risks, as appropriate; monitoring progress and results; recognizing and capitalizing on improvement opportunities; evaluating recommendations made; and influencing the completion of project tasks by others. Practices self-leadership and promotes learning in others by building relationships with cross-functional stakeholders; communicating information and providing advice to drive projects forward; influencing team members within assigned unit; listening and responding to, seeking, and addressing performance feedback; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership and mentoring junior team members; creating and executing plans to capitalize on strengths and improve opportunity areas; and adapting to and learning from change, difficulties, and feedback. Effectively communicates investigative findings to non-technical audiences. Participates in budgeting and capital planning at the project/program level. Drives continuous process improvement by leading the development, implementation, and maintenance of standardized security tools, templates, and processes across multiple business domains. Recommends and advocates for additional data and/or services needed to address key business issues related to process or solutions design. Defines processes to meet KPIs and ensures the ongoing tracking of performance metrics. Provides insight and influence to senior management and business leaders on how to integrate security requirements with current systems and business processes across the enterprise. Identifies and assists in defining the impact of requirements on upstream and downstream solution components. Recommends and advocates for regional and/or business line security process improvements which align with sustainable best practices, and the strategic and tactical goals of the business.2-3 Leads complex security test data analysis in support of security vulnerability assessment processes, including root cause analysis. Generates and reviews scheduled reports (e.g., status updates, risk assessment reports, remediation reports) and provides regular security metrics to IT teams and senior management as appropriate. Validates security test scenarios across various SDLC phases (e.g., development, reproduction, production) for moderately complex projects. Reviews and provides technical sign off on testing scope and approach for complex security testing initiatives. Leads the development of security testing strategies, methodologies, and standard processes for large-scale, complex IT initiatives spanning multiple information security domains. Serves as an escalation point on issues, dependencies, and risks related to security testing. Researches, keeps abreast of, and leverages industry trends, best practices, and cutting edge techniques to creatively discover and exploit vulnerabilities in technology systems. Leads and oversees the development and documentation of comprehensive business cases to assess the costs, benefits, ROI, and Total Cost of Ownership (TCO) of complex solution proposals. Develops requirements, or leads a team in the development of requirements for complex or specialized security system solutions which may span multiple business domains by partnering with stakeholders and appropriate teams. Minimum Qualifications: Minimum four (4) years in an informal leadership role working with project or technical teams. Bachelor's degree in Business Administration, Computer Science, Social Science, or related field and Minimum eight (8) years experience in information security, network engineering, or system administration, including Minimum three (3) years performing security assessments across multiple IT environments. Additional equivalent work experience may be substituted for the degree requirement. Preferred Qualifications: Two (2) years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above) Three (3) years experience working on cross-functional project teams Three (3) years experience working for a health care organization Three (3) years work experience requiring the development of technical documents or presentations. Three (3) years experience in large scale software implementations.