Location - Boston, MA (Hybrid) - Local only
Required Skills
- In-depth exposure to technical configurations, technologies, and processing environments in one or more projects of similar size and complexity to BEST.
- In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Documented experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, SOX, COBIT and National Institute of Standards and Technology (NIST) frameworks.
- Experience in architecting and implementing cloud-based security solutions.
- Strong knowledge of security tools and capabilities, such as: IDM and SSO.
- Extensive experience in integrating security tools and 3rd party vendor solutions.
- Exceptional planning, organization, communication, prioritization, and business analysis skills.
- In-depth knowledge of risk assessment methods and technologies.
- Proficiency in performing risk, business impact, control, and vulnerability assessments.
- Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity, and access management (IAM) systems, anti-malware solutions, privilege access management (PAM), data loss prevention (DLP), encryption at-rest and in-transit, multi-factor authentication (MFA), end-point-security, vulnerability scanning and patch management, automated policy compliance tools, and desktop security tools.
- Experience in developing, documenting, and maintaining security policies, processes, procedures, and standards.
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Documented written and verbal communication skills.