Posted over 2 years ago
Description
This is a remote position.
We are in urgent need for a naturally inquisitive Security professional to perform and document ER Model/ERD (Entity Relationship Diagram) reviews, and work with internal stakeholders to gather additional information to identify risks.
Job Title: Security/ERD Consultant
Location: REMOTE
Contract: Thru end of the year; but likely to be extended thru mid-2022
Required Experience/Skills:
- Ability to unpack complex technical diagrams and documentation contextually and identify the components that must be reviewed
- Data Protection - encryption at-rest / in-transit, how to protect data in each state
- Authentication and Authorization - in modern web / mobile use cases
- Access Control Concepts - especially least privilege
- Data Privacy Laws, Regulations & Concerns - general understanding of GDPR, HIPAA, PCI and what constitutes PII, PHI, etc.
- Computer Networking - must have strong understanding
- Offensive Security Perspectives & Techniques - must have strong understanding and hands-on experience (may need to perform some penetration testing, although not often)
- Code Structures - basic/minimal understanding of some of the concepts of code and script structures
- Software Development Processes - must have basic understanding
- Web / Mobile Application Flows & APIs - must have basic understanding
- AWS & GCP Cloud Infrastructure - must have basic understanding
- Micro-Service Architecture - must have basic understanding
Skills
ERD Review & Documentation Data Protection Authentication and Authorization Access Control Concepts Data Privacy Laws, Regulations & Concerns Computer Networking Offensive Security Perspectives & Techniques Software Development Processes & Code Structures Web / Mobile Application Flows & APIs AWS & GCP Cloud Infrastructure Micro-Service Architecture
Experience
5+ years