Job Description

Latitude Information Security (“Latitude”) is an information security consulting firm headquartered in the Greater Philadelphia area with a nationwide client base. We are a team of motivated professionals, committed to protecting our clients’ most valuable security assets. Our mission is to onboard talented and passionate individuals to help us in providing high-quality information security services to the healthcare industry. We are proud to employ a diverse range of talent in an environment that fosters continuous improvement and success.

We are seeking a CYBERSECURITY SPECIALIST who is a critical thinker and lifelong learner who inherently seeks to become the expert on whatever task or topic they encounter.

Our continued success relies on the onboarding of team members that operate with a high degree of integrity and quality in everything they do.  Our clients deserve it.  We demand it.  If you maintain a high sense of personal responsibility, are eager for an opportunity to advance your career, and meet the qualifications listed below, then we’d welcome an opportunity to review your resume and cover letter.

This FULL-TIME POSITION is based in West Chester, PA. Remote work is not an option.

GENERAL REQUIREMENTS

§  1 + years of Information Security experience; entry-level also considered dependent on relevant internship(s)

§  Bachelor's Degree required

• Strong verbal, written, and listening communications skills
• Ability to perform detailed analysis, associate threats and vulnerabilities to business impact and risk scenarios
• Strong ability to work in a fast-pace, deadline-driven environment and handle multiple projects simultaneously
• Possess sharp critical thinking skills, sound judgment and decision making ability, and the ability and willingness to clearly articulate your ideas
• The ability to work both collaboratively and independently with technical and non-technical constituents alike
• Exemplify a positive attitude and strong work ethic with a commitment to teamwork and professionalism

§  Security + or CCSFP preferred; other security and/or network certifications considered

§  Desire for continued professional growth in the field of information security through achievement of advanced certifications (e.g., CISSP, CRSIC, CISM, CISA, etc.), participation in professional associations, authoring of blog articles, or presenting/speaking at industry events.

TECHNICAL QUALIFICATIONS

§  Strong working knowledge of IT systems and information security operations

§  Knowledge of common IT and security concepts such as firewall management, server management, SIEM, IDS/IPS, web proxies, access control and authentication, etc.

§  Awareness of application security concepts, penetration testing techniques, and incident forensics preferred

§  Familiarity with industry recognized security frameworks and regulations (HITRUST, NIST, ISO, HIPAA, etc.)

§  Experience performing and interpreting network vulnerability scans with tools such as Qualys, Rapid7, and/or Nessus preferred

• Knowledge in scripting language (PowerShell, Python, etc.) a plus

§  Ability to achieve HITRUST CCSFP certification within 6 months of hire

DUTIES AND RESPONSIBILITIES

• Perform both risk management and vulnerability management and remediation functions; perform and interpret Nessus vulnerability scans
• Conduct assessments of physical, technical, and administrative security controls; evaluate compliance with security frameworks and regulations through interviews, documentation reviews, system demonstrations, and physical inspections
• Interpret processes and controls, identify and document risks and weaknesses that require remediation, develop detailed, actionable remediation plans and or recommended compensating controls, and verify whether corrective actions have been remediated
• Assist in the development of client-specific policies, procedures, and plans (such as BC/DR, Incident Response, Risk Management, etc.), and detailed technical documentation for applications, systems, and infrastructure
• Participate in development and execution of information security simulations and exercises such as phishing and vishing campaigns, penetration tests, and tabletop exercises
• Communicate status and issues to Latitude and client stakeholders; assist Latitude executives and relationship owners in solving identified client issues
• Develop and maintain positive working relationships with client counterparts
• Perform additional duties as assigned

RELEVANT WORK AREAS

Information Security, Infosec, Cybersecurity, Cyber Security, Data Security, Security, Risk Management, Security Assessments, Risk Assessment, Audit, HITRUST, HIPAA, NIST, IAM, Compliance, Vulnerability Management, NESSUS, Business Continuity, Disaster Recovery, Penetration Testing, Ethical Hacking, IT, Networking, Cloud Security, Consultant, Incident Response, SOC, NOC

BENEFITS

Latitude offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment.

• Full-time base salary (W-2)
• Medical and dental Insurance
• Paid Vacation and company holidays
• Eligibility to participate in annual bonus program
• 401k plan

NEXT STEPS

We wish to THANK ALL APPLICANTS for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted. No unsolicited agency referrals, please. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, gender identity, protected veteran status or disability.