Company Description
PRAXTION is a team of passionate professionals dedicated to helping businesses thrive in the digital landscape. We offer cybersecurity consulting, IT & Web Development Solutions, Program/Project Management, Business Consulting, Risk Management, Training, Digital Transformation, and brand marketing services. Our goal is to help businesses stay ahead of the curve by providing innovative solutions tailored to their needs.
Role Description
This is a full-time hybrid role as a mid-level Cyber Security Consultant at PRAXTION in the Washington DC Area, with flexibility for partial remote work. The Cyber Security Consultant will be responsible for the following:
Security Management:
- Maintain and oversee the operational security posture of assigned information systems in compliance with IT security program policies.
- Serve as the primary contact for the coordination, implementation, and enforcement of information security policies, including account and configuration management.
- System and Application Oversight:
- Maintain a comprehensive catalog of assigned IT enterprise and departmental business applications, including key details such as system points of contact, vendor information, and system type (cloud, on-premise, hybrid).
- Participate in the implementation of system security policies, standards, and procedures related to assigned business applications.
Vendor and Third-Party Management:
- Manage relationships with third-party vendors for IT contracts related to assigned business applications.
- Review vendor capabilities and security postures for potential new systems, providing risk recommendations.
- Collaborate with the Contracts and Procurement team to ensure all IT security requirements are included in contracts for IT systems, applications, and services.
Compliance and Risk Management:
- Ensure interconnection security agreements (ISAs) are in place for key system interfaces.
- Conduct annual backup and restore tests for on-premise business applications.
- Work with the operations team and vendors to patch system vulnerabilities and perform timely upgrades.
- Review vulnerability scan results for third-party applications/systems and coordinate remediation efforts with relevant teams.
Collaboration and Advisory:
- Collaborate with the CISO, CIO, system managers, and other stakeholders to finalize IT security requirements for third-party systems.
- Participate in fusion teams to assess and review the security posture of potential new systems within the scope of responsibility.
Qualifications
- Information Security and Vulnerability Assessment knowledge
- Experience in conducting risk assessments and implementing security measures
- Strong analytical and problem-solving skills
- Excellent communication and teamwork abilities
- Relevant certifications such as Comptia Security+, CISSP, CISM, or CEH
- Bachelor's degree in Cybersecurity, Computer Science, or related field