Jobs Posted on the Whova Community Board of InfoSec Nashville 2021
If you know anyone in the job market, feel free to share with them
VCISO Services LLC Part time (10-20 hours/mo) consulting providing virtual CISO services to small and midsized businesses. Must have at least five years full time experience as CISO or equivalent and hold a current CISSP. This is a risk management position, not a technical one, though technical knowledge and skills are required. Ideal for those with a full time position looking for additional income and/or experience.
Someone who can execute and conduct consulting engagements and information security risk assessments based on industry standards (HIPAA/HITRUST, NERC, PCI-DSS, GLBA, FFIEC, SOC2, NIST, ISO) onsite with clients while providing superior customer service and fostering those relationships to build trust to secure future business. Ability to respond to advisory service requests to address and answer client questions using information security management and strategic guidance to develop the client’s information security programs. Exceptional writing skills needed to deliver reports detailing findings and associated recommendations for information security programs to help meet the client’s security and compliance standards.
Bachelor’s a Degree in a technical discipline or equivalent work experience in IT and/or Security. 2+ years’ experience in security or risk management, performing security assessments in a client-facing/consulting role. Professionalism, problem-solving, customer facing and handling skills, time management, written and verbal communication, presentation skills, active listening, flexibility. Working knowledge of risk and security frameworks, standards, and best practices (e.g. HIPAA, COBIT, NIST, ISO 27001/2). Ability to think holistically and identify areas of technical and non-technical risk. Experience writing technical reports and presenting to non-technical audiences. Comfortable working in ambiguous and/or undefined situations. Must be available for regular travel. Relevant risk and/or security certification(s) preferred (CISSP, CISA, CISM, C-Risk or equivalent).
Global Security Application Manager
Deloitte DTTL You will lead the day-to-day collaboration with the engineering teams to ensure successful implementation of secure coding practices and integration of secure application and design processes across Deloitte.
Information Security Consultant
Keller Schroeder & Associates Red Team and Blue Team, Junior and Senior-level positions available. Full-time, competitive salary. Located in Indiana, Kentucky, Tennessee. See link for more details. Please reach out with any questions! Call or text if interested: 317-409-2368.
Medical Device Security Analyst
CynergisTek The Ideal Candidate
Someone who can assist in medical device security risk assessments and develop vulnerability management strategies. You will also help develop processes and associated documentation in support of developing clients’ medical device security programs. Additionally, be able to write and deliver reports detailing your findings and associated recommendations for medical device security program development. Successfully achieve high levels of client satisfaction on all engagements by achieving client expectations set by engagement leaders and project managers.
· Bachelor's degree in business, technology, or information security-related field or equivalent work experience with medical devices and/or information security is a plus.
· 1+ years’ experience with medical devices in a healthcare environment including lifecycle phases – procurement, inventory and installation, ongoing support and maintenance, incident response, and end-of-life management.
· 1+ years’ experience with information security-related practices including incident response, risk assessment/analysis, and risk management.
· Cursory knowledge of medical device cybersecurity principles and documentation (e.g. MDS2, FDA, AAMI, ICS-CERT reports, etc.).
· Experience writing technical reports and presenting to non-technical audiences.