Burns & McDonnell Veterans Jobs

Veterans & Military

Job Information

Burns & McDonnell Information Security Specialist - Information Technology (Kansas City) in Kansas City, Missouri

Description

The Information Security program protects Burns & McDonnell data, systems, and employees from evolving cyber threats and provides cybersecurity governance for the company. Burns & McDonnell is rapidly transitioning to cloud infrastructure, applications, and services. Information Security needs a Staff Information Security Specialist focusing on cloud security. The Information Security Specialist provides cybersecurity subject matter expertise and performs Information Security functions of protecting the company.

  • Conduct security risk assessments of cloud-based applications and services currently used, or may be potentially used, by the company, rank security risks, and articulate risk in terms of business impact.

  • Collaborate with the business on cloud-based applications and services evaluated with high risk to propose alternate solutions, compensating controls, or risk reduction strategies.

  • Collaborate with individual employees using overly permissive cloud-based applications to mitigate the risk of company data exposure.

  • Analyze Burns & McDonnell cloud infrastructure environments for cybersecurity risks and provide mitigation recommendations to relevant IT architecture, engineering, and operational teams.

  • Perform security verification of configuration and settings for Burns & McDonnell cloud infrastructure environments and Software as a Service (SaaS) solutions.

  • Provide advice and guidance in implementing Information Security policies, standards, and requirements applicable to cloud security.

  • Conduct exercises to validate the effectiveness of cloud-related cybersecurity controls.

  • Provide oversight to remediate cloud-related security findings identified through internal audits, external audits, penetration testing or vulnerability scanning.

  • Identify and recommend improvements to the company cybersecurity capabilities.

  • Lead assigned Information Security initiatives and projects

  • Assist with responding to cyber threats associated with cloud infrastructure, applications, and services.

  • All other duties as assigned

Qualifications

  • Bachelor's degree in Information Security, Computer Science, Computer Engineering, Information Technology, or related field. Applicable years of experience may be substituted for degree requirement.

  • Minimum 8 years of experience in information security.

  • Information security certification preferred.

  • Highly effective oral and written communication skills with ability to convey security concepts and risks to non-technical personnel

  • Demonstrated knowledge of securing cloud environments and applying cloud security controls

  • Demonstrated knowledge of cloud architectures (preferably Azure and AWS), integration of SaaS solutions, and cloud-based applications

  • Demonstrated knowledge of security risk analysis and assessments

  • Demonstrated knowledge of applying security testing methods

  • Demonstrated knowledge of MITRE ATT&CK framework and emerging cybersecurity threats

  • Demonstrated knowledge of investigating cloud-related threats and applying computer forensics principles

  • Demonstrated knowledge of applying network operations and protocols

  • Demonstrated knowledge of one or more programming/scripting language (preferably in PowerShell)

  • Demonstrated knowledge of security policies and standards

EEO/Minorities/Females/Disabled/Veterans

Job Security

Primary Location US-MO-Kansas City

Schedule: Full-time

Travel: No

Req ID: 213245

#LI-MG #COR

DirectEmployers