Presentation Designer

Robbins Gioia, LLC

New York, NY
Paid
  • Responsibilities

    RG is seeking a qualified individual to perform as a Cybersecurity/Information Assurance (IA) Specialist to ensure the growing RG portfolio of software products, internal network servers, and other corporate assets are adhering to industry compliance requirements. The Specialist will be responsible for developing and implementing cybersecurity policies and procedures; scanning, identifying, and mitigating security vulnerabilities in our code; and educating team members on best practices for secure coding. The ideal candidate will have a deep understanding of software development, cybersecurity, and risk management.

    **A Day in the Life:**

    To help make our product teams successful, the chosen candidate can expect to be involved with or responsible for:

    • Provide Cyber Security/IA expertise to support the planning, design, development, testing, documentation, implementation, and sustainment of RG’s deliverable software applications
    • Perform regular code scans to identify and mitigate security vulnerabilities
    • Function as a Cybersecurity advisor, representative, and advocate for RG product development teams with our customers
    • Possess the ability to work independently and act as an independent auditor throughout the development process
    • Monitor and investigate security incidents and take appropriate action to prevent future occurrences

    **How You Can Make A Difference:**

    This role plays an important and vital part in mission success for RG’s development teams. The quality of our software and related applications is of primary importance to RG and our customers. The candidate will also work to improve the cybersecurity compliance of the software engineering processes and practices associated with continuously building, deploying, and updating software and environments. The candidate will also be responsible for communicating cybersecurity scan results to the operational and executive teams and client base as required.

    • Design, implement, and perform static code cyber analysis, script scanning, and penetration scanning services and analysis using various software tools to support the ongoing development being performed by the RG development teams
    • Conduct assessments of RG’s network and computer systems to discover strengths and flaws. Perform risk assessments and ethical hacks to evaluate the effectiveness and efficiency of routers, firewalls, and other comparable systems
    • Develop and implement cybersecurity policies and procedures to protect company assets and data
    • Develop and maintain a vulnerability management program by monitoring and investigating security incidents and taking appropriate action to prevent future occurrences
    • Collaborate with software developers to ensure that code is developed with security in mind and educate team members on secure coding practices and company cybersecurity policies and procedures.
    • Monitor and investigate security incidents and take appropriate action to prevent future occurrences.
    • Identify corporate and client risk management and mitigation processes and deliver briefings to the executive team as required
    • Keep up-to-date with the latest cybersecurity threats, trends, and technologies
    • Develop and maintain relationships with external security experts and vendors

    Required Skills

    The Cybersecurity/Information Assurance Specialist is an exempt customer-facing business professional that provides a variety of information directly to customers for their ongoing programs, new initiatives, strategic planning, and measurement/evaluation in one or more of RG's solutions. They possess excellent customer service skills, remain current on industry trends, value teamwork, and have a wide range of interpersonal skills. The candidate will possess in-depth knowledge in the following areas of computer security:

    • Identity and Access Management (IAM): A Cybersecurity Specialist should have a solid understanding of IAM concepts and technologies. This includes knowledge of authentication and authorization protocols, such as SAML, OAuth, and OpenID Connect, as well as experience working with IAM platforms like Okta, Azure AD, or Ping Identity
    • Security Operations: A Cybersecurity Specialist should be familiar with security operations concepts and tools, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and security incident response frameworks like the NIST Cybersecurity Framework
    • Application Security: A Cybersecurity Specialist should have experience with securing applications and APIs, including knowledge of secure coding practices, threat modeling techniques, and web application firewalls (WAFs)
    • Data Protection: A Cybersecurity Specialist should understand data protection concepts and technologies, such as data encryption, data masking, and data loss prevention (DLP) solutions
    • Social Engineering: A Cybersecurity Specialist should be aware of social engineering tactics, such as phishing and spear-phishing, and how to prevent and mitigate their impact

    The candidate will also be able to show experience in the following areas:

    • Strong understanding of secure coding practices and standards
    • Knowledge of vulnerability scanning tools and techniques
    • Experience with web application security
    • Strong analytical and problem-solving skills
    • Excellent communication and interpersonal skills
    • Ability to work independently and as part of a team
    • Familiarity with security frameworks such as NIST or ISO 27001

    Required Experience

    To be successful in this role, all candidates must meet the below qualifications to be considered.

    • Bachelor's degree in Computer Science, Information Technology, or a related field
    • 5+ years of experience in cybersecurity, risk management, or a related field
    • Experience with vulnerability scanning tools like Checkmarx or SonarQube
    • Experience in implementing secure coding practices and standards
    • Experience developing and implementing cybersecurity policies and procedures
    • Experience in the disciplines of Computer Security necessary to perform Information System Security Audits, Information System Security Assessments, Risk Management Plans, Security Plans, Information system security policies and procedure guidelines, Information system accreditations and certifications, Command and Control Protect plans and policies, Continuity of Operations Plans (COOP), and other related activities associated with commercial standard ISO 27001/ISO 27002 or Department of Defense NIST and STIG standards
    • Knowledge of incident response and disaster recovery planning
    • Certifications in the Cybersecurity or Information Assurance fields
    • Ability to obtain a Secret Clearance

    **Bring the WOW Factor:**

    In addition to our core requirements that are an absolute must for this role, we want to highlight some of the qualifications that we consider to “Bring the WOW Factor”. Below are some of those “WOW Factors” that we would love to have, but that are not considered hard requirements to do the job.

    • Previous experience in Risk Management Framework in DoD
    • Experience building compliance with ISO27001 / ISO27002
    • Certified Ethical Hacker (CEH)
    • Certified Information System Security Professional (CISSP)
    • Information Systems Security Architecture Professional (ISSAP)
    • Certified Information Security Manager (CISM)
    • Experience with cloud security
    • Familiarity with the Agile Software methodology and best practices
    • Ability to communicate in a clear and concise manner to customers at all levels to include executive and operational
    • Possess current Secret Clearance or above

    **Physical Requirements & Disclaimer:**

    Sedentary work: Exerting up to 10 lbs. of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met. EOE, including disability/vets

    _At Robbins-Gioia (RG), we provide management consulting, managed services, and JFAST software. Our management consulting services combine leading-edge capabilities in management and technology with a seasoned understanding of our clients’ missions. Our managed services help our clients maximize their technology investments by providing experienced professionals that complement our clients’ strategy and operations. Our JFAST software is a suite of tools that perform advanced planning and scheduling operations and is the most capable intelligent scheduling platform for complex, mission-critical applications._

    _Headquartered in Alexandria, VA, we partner with our clients to test and refine every solution to meet their exact needs. We take pride in tackling complex management challenges with fresh and innovative insights and in transforming our clients’ vision into reality._
