Information Security Consultant I

To apply for this position please send your resume along with a cover letter including salary expectations to This email address is being protected from spambots. You need JavaScript enabled to view it.

Division/Department		Security Consulting
Location		Ankeny, IA
Job Title	Information Security Consultant 1
Reports to	President

Level/Grade			Type of position: Full-time	Hours:40 / week Exempt

General Description
Job Purpose: Provide IT risk management, information security and compliance consulting services to clients in a variety of industries. Duties: (20%) Perform risk assessments of IT infrastructure or applications and make recommendations for improvements based on the client’s stated risk tolerance levels. (5%) Design or review disaster recovery and business continuity plans including business impact assessments, RPO / RTO recommendations and test cases. (10%) Audit or review system architecture for compliance with best practices and/or regulatory compliance. (20%) Review and recommend administrative, technical and physical controls to mitigate identified risk. (15%) Ensure events generated from MSSP monitoring solution are reviewed and appropriate action is taken. (10%) Perform digital investigations into suspected breaches or misuse of IT systems. (10%) Perform vulnerability scanning and penetration testing of network infrastructure and applications. (10%) Develop information security policies, standards and baselines.
Work Experience Requirements
Skills/Qualifications: Demonstrated experience reviewing and recommending appropriate administrative, technical and physical controls. Ability to develop policies, standards and baseline configurations. Experience performing digital investigations of system breaches or misuse including identification, tracking, reporting and resolving the issue. Experience designing and testing DR/BC plans. Experience performing automated and manual vulnerability scanning and penetration testing. Ability to identify and evaluate risk to IT systems, communicate risk to management. Select and implement appropriate risk mitigation strategies to ensure IT systems remain within established risk tolerance levels. Ability to clearly communicate with co-workers, management, clients and vendors. Maintain a professional appearance and vocabulary.
Education Requirements
Bachelor’s Degree or equivalent work experience Professional Certifications (CISSP, GIAC, CISM, CISA, SSCP)