Find A Job › Information Technology


Information Security Analyst

  • Location: Hickory, NC
  • Job Type: Contract
  • Ref No: 19-01989
  • Date: March 22, 2019
  • Job title:

Thomas Cabana

Questions about this job listing? Contact the recruiter now.

Job Description - Information Security Analyst




Openings: 1

ICS is hiring for an individual contributor supporting the continual maintenance and improvement of an Enterprise Vulnerability Management program and related processes. The position will work collaboratively with the corporate business groups to ensure a consistent and integrated approach is applied to Vulnerability Management and Forensics which aligns to the overall business mandate. As a representative of Enterprise Information Security (EIS) the position supports the appropriate design, implementation, and/or execution of the Risk Management, Vulnerability Management and Digital Forensic Functions. This position requires strong technical skills, tenacious individual with strong communication, problem-solving, relationship and consensus-building skills and a high degree of personal initiative and attention to detail.


  • Serve as a trusted advisor for security risk management and vulnerability management functions for information security
  • Perform routine risk related security assessments encompassing engagement activities, intelligence gathering, threat modeling, vulnerability analysis, exploitation and reporting
  • Provide support for risk assessment, vulnerability analysis, risk mitigation, and digital forensic investigations
  • Assist with information system security vulnerability scanning to Client and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components
  • Perform compliance management activities by analyzing implementation of configurations and hardening configurations for networks, operating systems, applications, databases, and other information system components
  • Engage with stakeholders, to include IT professionals, management, and auditors to facilitate vulnerability discovery and remediation
  • Communicate security and compliance issues in an effective and appropriate manner
  • Recommend and validate appropriate remedial actions to mitigate risks and ensure information systems employ the appropriate level of information security controls
  • Assist in development and implementation of information security vulnerability management policies, procedures, and standards based on National Institute of Standards and Technology (NIST) 800-53 standards, best practices, and compliance requirements.


  • Bachelor's degree in a related curriculum and 3-5 years related experience
  • Information security experience with focus on vulnerability management, penetration testing and/or forensic investigations preferred
  • CISSP, CRISC or CISM preferred
  • Familiar with risk and control frameworks, and process improvement models (e.g. PCI DSS, NIST RMF, HIPAA, ISO 27002, ITIL, PTES)
  • Prior experience working with diverse, cross-functional, cross-departmental projects, and technologies
  • Well-rounded understanding of technology, operations, and key business processes
  • Strong interpersonal skills and excellent written and verbal communication skills
  • Intermediate to advanced proficiencies with MS Excel, MS Word, and MS PowerPoint
  • Demonstrates a high degree of ethics; instills trust and credibility
  • Effectively identifies, collaborates, and maintains relationships with relevant stakeholders
  • Portrays strong facilitation, negotiation, and conflict resolution skills
  • Translates requirements and risk concepts into relevant and understandable terms
  • Manages individual workload to deliver with excellence on simultaneous projects and priorities; each with tight schedules
  • Familiarity with vulnerability exploitation concepts
  • Experience with Penetration Testing Execution Standard (PTES)
  • Experience with industry standard vulnerability scanning tools
  • Experience with E-Discovery, Legal Holds, and handling of Forensic Data/Evidence is preferred


Related Job Listings

Job Location Type Posted  
Hadoop Developer Raleigh, NC Right to Hire May 21
Python Developer Raleigh, NC Right to Hire May 20
Salesforce Administrator Raleigh-Durham, NC Contract May 09
Data Analytics Software Engineer Durham, NC Contract April 17
Full Stack Engineer Durham, NC Contract March 12