Job title: IT Security Specialist
Location: Raleigh, NC
Duration: 5+ Months
Interview: Webcam Interview Only
Type: Onsite Role
Job Description: Client is seeking an Information Technology (IT) professional with proven application security testing experience using tools such as BURP Suite, Fortify and manual testing.
Duties include, but are not limited to:
- Experience with security testing tools to implement the security framework in DevSecOps. Experience with application security testing tools such as BURP Suite, Fortify and manual testing
- Familiar with application development frameworks such as .NET, Java, Spring Boot, etc.
- Detailed understanding and strong skill set in operating and working with the Splunk toolset
- Experience in finding OWASP Top 10 vulnerabilities and providing guidance to the application development team to remediate the identified vulnerabilities
- Experience in using vulnerability management tools such as Qualys and in working with stakeholders to remediate the identified vulnerabilities in a timely manner.
- Expertise with Linux, Windows and command-line interfaces
- Excellent troubleshooting skills and strong technical learning aptitude required.
- Experience in HIPAA Privacy & Security Risk Assessments
- Implement the security framework within the DevSecOps environment, leveraging security testing tools like BURP Suite, Fortify, and manual testing.
- Work with a variety of application development frameworks, including .NET, Java, Spring Boot, and others.
- Identify and assess OWASP top 10 vulnerabilities and provide guidance to the application development team for remediation.
- Utilize vulnerability management tools, such as Qualys, to identify and promptly address vulnerabilities while collaborating with stakeholders.
- Showcase expertise in operating systems such as Linux and Windows, as well as proficiency in Command-line interfaces.
- Possess excellent troubleshooting skills and a strong aptitude for technical learning.
- Conduct HIPAA Privacy & Security Risk Assessments to ensure compliance and data security.
Qualifications:
- Bachelor's degree in a relevant field (preferred).
- Industry-recognized IT security certifications (e.g., CISSP, CISM, CEH) are a plus.
- Proven experience in application security testing, vulnerability management, and incident response.
- Familiarity with healthcare data security regulations, including HIPAA.
- Strong communication skills and the ability to collaborate effectively with diverse teams.
- Analytical mindset and problem-solving abilities.
- Splunk certifications
Required/Desired Skills:
- Risk Management - must be able to identify gaps through risk management, and assist in the development of mitigation strategies.
- Experience updating privacy and security policies based on gaps found through an assessment process.
- Client, evaluate, assess systems, networks, and components through the use of vulnerability scanning and risk assessment methods.
- Experience documenting vulnerability assessment results in an accurate, clear, actionable, and available way to appropriate personnel
- Must be able to review & assess projects and systems throughout all phases of their life cycle in an effort to identify Privacy org needs
- Must be able to serve as a knowledge base for organizations as it relates to compliance requirements and mitigation strategies.
- Experience performing risk assessments based on NIST 800-53 Rev 4, ISO-27001, HIPAA, and IRS Pub 1075.
- Experience with network mapping and vulnerability scanning tools such as Nessus and Nmap.