Description

Our government client is seeking an experience candidate for a contract in Risk Management

Duties

• Will undertake non-invasive electronic penetration testing of a departmental network both inside and outside of the secure domain of the department;
• Analyze and interpret data on threats and opportunities identified through internal and external environmental scans, analysis and adjustments;
• Analyze risks and perform gap analyses;
• Provide assessments and advice concerning development and implementation of cost-effective risk prevention, reduction or avoidance measures;
• Perform research and analysis on risk management activities such as the development of improved risk methodologies;
• Provide advice to senior management regarding reducing the potential for damage to or loss of government property and the risk of incurring second or third-party liability to non-government entities; and
• Will create a report to document findings and recommended risk mitigation strategies. 

Qualifications

• Demonstrated experience with non-invasive electronic penetration testing of a departmental network both inside and outside of the secure domain of the department;
• Demonstrated experience documenting findings of non-invasive electronic penetration testing and recommending risk mitigation strategies. 
• One or more of the following certifications are desirable: CISSP, SSCP, CISM, CSSLP or CAP certification