DivIHN (pronounced divine) is a CMMI ML3-certified Technology and Talent solutions firm. Driven by a unique Purpose, Culture, and Value Delivery Model, we enable meaningful connections between talented professionals and forward-thinking organizations. Since our formation in 2002, organizations across commercial and public sectors have been trusting us to help build their teams with exceptional temporary and permanent talent.
Visit us at to learn more and view our open positions.
Please apply or call one of us to learn more
For further inquiries regarding the following opportunity, please contact one of our Talent Specialist: Vinod at 224-###-####
Title: Cybersecurity Analyst Location: Locations could be at Chicago, Abbott Park or St.Paul
Duration: 1 Month
Start Time (AM/PM) : 8
End Time (AM/PM) : 5
Description:
- This is a non-exempt role.
- The Cybersecurity Sr. Specialist support cybersecurity operations by designing, developing or recommending secure technical solutions, including policy, standards, applications, systems, architectures, and infrastructure that are operationally viable and efficient.
- Ensure appropriate application of security products and technologies to protect the organizations systems and information and enable achievement of the organizations objectives.
- Manage and design innovative integration of cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities, as a means of improving the security posture.
- Perform analysis of emerging technologies and design and build architectures and solutions to enable secure implementation of new technologies.
Duties:
- Develop a risk-based cyber security program which meets regulatory requirements and aligns with industry leading information security practices.
- Perform threat identification and mitigation activities using industry leading security controls and tools sets.
- Advance the Companys cyber threat and vulnerability management program to ensure consistent identification, analysis, response, and monitoring of cyber security threats, events, and vulnerabilities.
- Assess threats to the business and deploy countermeasures for those threats.
- Collaborate with business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
- Apply technical knowledge to protect the Company against cyber threats (e.g., knowledge of firewalls, intrusion detection and prevention systems, data loss prevention solutions, endpoint protections, log aggregation technology and other leading-edge security technologies).
- Facilitate cross team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects. Manage security projects to ensure the timely, on budget, and effective implementation of cyber security improvements that are operationally supported with validation methods in place to measure effectiveness.
- Perform assessment of cyber security incidents to identify the root cause, respond, and recover the environment.
- Develop strategies, policy and standards to protect company information and technology assets.
- Manage capital and operational expense budgets to ensure accurate forecasting and administration.
Required:
- At least 5 years of experience but typically 7 plus years of experience is required.
- Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, HITRUST and FedRAMP Information Security standard and the ISO 22301 Business Continuity Standard.
- Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance).
- Possess CISSP certification (or similar) and be knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.
As a Senior Cyber Specialist (Advisory) in ClientProduct Cybersecurity, you will work closely provide cybersecurity support throughout the product development and operations lifecycle to teams that develop and maintain mobile-enabled and cloud-based products. You will provide cybersecurity guidance to product development teams and develop cybersecurity recommendations that balance business and cyber risk. Product Owners, Engineers, Managers, Architects, and Directors will rely on your cyber expertise and clear communication to inform their decisions.
Core responsibilities of this job are:
- Advise on cyber risks during mobile and/or cloud-based product development
- Ensure that development teams adhere to industry cybersecurity requirements
- Perform threat modeling during the development of client products
- Leverage cyber testing results to evaluate the security posture of client products
- Advise teams regarding the prioritization and remediation of security deficiencies
- Communicate important product security concerns to leadership as appropriate
About you:
- 5 years in a technical advisory role within cybersecurity, or as a product engineer with a cybersecurity focus
- Professional experience with of one or more of the following:
- Advising on cloud computing architectures and associated security design challenges
- Advising on cloud application development and associated security design challenges
- Advising on mobile application development and associated security design challenges
- Experience performing cyber threat modelling using industry frameworks (e.g, STRIDE, PASTA)
- Strong understanding of information security fundamentals and defense-in-depth practices
- Ability to build relationships, influence without authority, and drive positive outcomes across multiple stakeholder groups
- Ability to provide clear oral and written communication to a variety of business and technical audiences
- Proven problem-solving experience
- Ability to prioritize work and adapt to changing needs in a dynamic work environment
- University degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related discipline
- Familiarity with medical device industry cybersecurity frameworks preferred
- Advise on cyber risks during mobile and/or cloud-based product development
- Ensure that development teams adhere to industry cybersecurity requirements
- Perform threat modeling during the development of client products
- Leverage cyber testing results to evaluate the security posture of client products
- Advise teams regarding the prioritization and remediation of security deficiencies
- Communicate important product security concerns to leadership as appropriate
Education: Bachelor - Cybersecurity - Computer Science Experience: 3 to 5 years Skills: Cybersecurity, threat modelling or advisory. Inteview: Teams - 2 rounds Prefered: Medical Industry but not required
About us:
DivIHN, the 'IT Asset Performance Services' organization, provides Professional Consulting, Custom Projects, and Professional Resource Augmentation services to clients in the Mid-West and beyond. The strategic characteristics of the organization are Standardization, Specialization, and Collaboration.
DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.