IT Security SME

Location: Harrisburg, PA - Candidates within 3 hours of Harrisburg, PA preferred
Position Type: Remote/Hybrid may need to work onsite when requested.
Contract Length: 3 months, with extension

Position Overview:
This role requires at least 5 years of experience and strong expertise in security assessments, compliance, and remediation, with responsibilities spanning vulnerability testing, incident response, and security awareness training.

Required Skills:

• 5 years of experience with Tenable Security Center a must. Certifications are a plus
• 5 years of experience with DAST tools such as Rapid 7 AppSpider
• 5 years of experience with Windows and Linux operating systems and system hardening
• 5 years of knowledge of regulatory compliance standards relevant to cybersecurity
• 5 years of experience with risk assessment methodologies and frameworks (e.g., NIST, FAIR)
• 5 years of strong understanding of network protocols and technologies (e.g., OSI Model, TCP/IP, firewalls, intrusion detection systems)
• Excellent soft skills such as listening, presenting, and negotiating
• Must pass required extensive background check and cannot have any felony offenses
• Ability to work remotely/and locally when required
• Professional oral and written communication skills

Duties:

• Primary role is as the subject matter expert (SME) for the management and administration of the delivery center's vulnerability management program.
• Conduct regular vulnerability assessments and tests to identify security weaknesses in systems and applications.
• Collaborate with compliance teams to ensure adherence to regulatory requirements and industry standards related to security vulnerabilities.
• Coordinate with IT and development teams to prioritize vulnerabilities and ensure timely remediation actions are taken.
• Stay informed about the latest security trends, threats, and best practices to continuously improve the vulnerability management process.
• Prepare and present vulnerability management reports to senior management, highlighting key findings and recommendations.
• Provide training and awareness programs for staff on security vulnerabilities and best practices for risk mitigation.
• Facilitate incident response activities related to vulnerabilities and coordinate with external partners as necessary.
• Demonstrates good judgement and problem-solving skills. Reacts and adapts to changing circumstances rapidly.
• Leverages incident tracking and ticketing systems to receive tasks from other units, delegate tasks to other units, prioritize daily tasks, document actions taken, and the final resolution for tasks completed.
• Provides on call and/or emergency support, including after-hours as needed.
• Adheres to established service management processes and procedures.