Tech Lead - Information Security role at Ameriprise India, focusing on OWASP vulnerabilities and code remediation. Collaborating with teams to ensure secure and high - quality applications.
About the role
- Managing Consultant leading the planning and execution of cybersecurity assessments for federal clients. Responsible for managing a team and ensuring compliance with security policies and regulations.
Responsibilities
- Guidehouse is seeking a Managing Consultants who will own client engagements from cultivation to completion
- You will be accountable for the activities of an Assessment Team and lead the planning and execution of High Value Asset (HVA) Cybersecurity Assessments on the federal government’s most critical systems
- Lead the execution of HVA assessments which include penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies
- Serve as the Assessment Lead and responsible for overall assessment execution and guidance of technical and operator team members
- Develop executive-focused Assessment Report sections
- Develop current state security architecture diagrams
- Lead the communication with senior executives and stakeholders on assessment requirements
- Lead technical interviews with system stakeholders to determine if risks to the HVA are identified, evaluated, and managed
- Lead the documentation of Rules of Engagement to guide the scope, develop test plan, and assist with acquiring management approval
- Lead Penetration Team Operators to perform network mapping and reconnaissance, internal and external Testing including Red Team testing activities that focus testing activity towards accessing specific target datasets
- Testing methodology should include crafted e-mails, custom public websites, exploit code, and social engineering
- Analyze test results, develop a report on discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities
- Confirm all deliverables are completed and meet expected quality standards
- Manage cybersecurity or HVA Program to ensure compliance with regulatory requirements and mitigate cyber risks to systems
Requirements
- An ACTIVE and MAINTAINED SECRET Federal or DoD security clearance
- Bachelor’s Degree
- A Minimum of FIVE (5) or more years’ of experience related to Cybersecurity Risk Assessment or Cybersecurity Program Management or HVA Assessment and/or HVA Program Management
- An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance preferred
- One of the following certifications: Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification, CISSP
- Excellent oral and written communication and presentation skills
- Experience managing direct client engagement team to deliver impactful support to Federal clients
- Experience developing and maintaining working relationships while serving Federal clients onsite
- Ability to identify obstacles and opportunities that impact the success of plans or initiatives
- Previous passing of the CISA AES HVA Assessment or ability to pass the CISA AES HVA Assessment course
- Experience supporting US government cybersecurity programs
- CISSP or CISM certifications
- PMP Certification
- Experience with managing/supporting and/or knowledge of cybersecurity or high value asset program, and Security Architecture Review
- Certified CISA AES HVA Assessment Lead with experience conducting HVA assessments or performing Risk and Vulnerability Assessments
- Knowledge of Cybersecurity Framework, Risk Management, NIST 800-83 Rev 5.
Benefits
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Consultant in Technology and Cybersecurity at Guidehouse supporting federal clients. Focus on business processes, compliance, and project management within a dynamic and innovative environment.
Duty Manager at CPH Airport overseeing security operations and managing 25 staff members. Collaborating closely with a leadership team and ensuring high security standards.
SME Security Control Assessor supporting HHS - ACF security assessment activities and applying NIST frameworks. Responsible for documentation, testing, and team collaboration for control effectiveness.
Azure Security Engineer required to remediate vulnerabilities in a hybrid environment. Focusing on Microsoft Defender Suite and improving security posture across Azure and endpoints.
AWS - focused security engineer responsible for remediating vulnerabilities in cloud applications. Collaborating with developers and data engineers to implement secure fixes.
Security Manager leading Information Security strategy and compliance at Envitia. Overseeing security standards and incident response while fostering a security - aware culture.
Conseiller.ère en santé et sécurité au travail chez Sleeman Breweries. Soutien aux programmes de santé et sécurité au travail au Québec, en logistique.
DORA & Information Security Officer ensuring compliance and security for financial services. Involves policy development, monitoring standards, and managing IKT risks in a hybrid environment.
TA
Junior Security Auditor at TÜV TRUST IT specializing in eID and Trust Services consulting. Engaging in auditing and compliance with legal and technical frameworks.