Cincinnati Bell Jobs

Mobile cincinnati-bell Logo

Job Information

Cincinnati Bell Information Security Consultant in Remote, United States

Position : Information Security Consultant

Job Purpose

The Information Security Consultant will be responsible for providing world-class security consulting services to CBTS customers. The consultant will use extensive experience with security technologies, knowledge of accepted standards and best practices, and proven tactics against sophisticated attackers, to help CBTS customers defend their critical systems and sensitive data.

Essential Functions

  • Lead "friendly" security assessment engagements for CBTS customers. While working with customer technical and executive staff, review the state of various technical and organizational controls processes, and policies. Perform gap analysis, comparing state to widely accepted best practices from vendors, regulatory and compliance bodies, and the security community at large. Document these gaps, along with sensible and relevant recommendations, in findings reports that satisfy the needs of both a technical and non-technical audience.

  • Lead vulnerability assessment and penetration testing engagements of CBTS customer environments and controls. Using expertise in the operation of commercial and open-source assessment tools, identify configuration flaws, missing patches, and gaps in defenses that could be exploited by attackers. Assessment types will include social engineering and phishing, wireless, mobile device, and physical security, and web application penetration tests.

  • Perform pre-sales work. Discuss security and compliance needs with customers, and identify services that help meet those needs. Work with security sales specialists to design engagements for customers. Craft detailed proposals that effectively communicate expectations to customers. Identify vendor partners that offer effective solutions to modern threats and risks. Understand regulatory compliance requirements for customers in various industries.

  • Assist CBTS internal technical staff with security needs. Provide recommendations for security architecture, processes, and technologies.

  • Assist CBTS marketing with the promotion of security branding and services. Write technical whitepapers, blog posts, and other documentation.

  • Perform security research, furthering individual and team understanding of the threat landscape, as well as cutting-edge security technologies. Attend security conferences and participate in local security community events. Evaluate products and tools that can improve the security services team's offerings, and provide value to customers.

Experience

  • 3-5 years of experience

  • Hands-on experience with tactics used by the APT, Cyber Crime, and other associated threat groups

  • 1-2 years of experience performing penetration testing

  • Experience with various security assessment tools, such as Nessus, Nexpose, Metasploit, Acunetix, Appspider, and the collection of tools included in the Kali Linux pentesting suite.

  • Advanced certifications -- GPEN, GWAPT, GCIH, GCFA, GAWN, OSCP/OSCE

  • Experience performing technical training and instruction

  • Active US government security clearance

  • Experience with public speaking and presentation on technical topics

  • Strong creative writing skills -- provide examples of whitepapers, blog posts, technical presentation material if available

Education

  • 4-year degree in Computer Science or a related technical degree, or a minimum of 10 years of IT experience.

  • Minimum certification: CISSP, GSEC, CEH

  • Advanced certifications -- GPEN, GWAPT, GCIH, GCFA, GAWN, OSCP/OSCE

Special Knowledge, Skills, and Abilities

  • Due to U.S. Government regulations pertaining to the nature of this work, the employee must be a US citizen (non-Green Card holder).

  • 4-year degree in Computer Science or a related technical degree, or a minimum of 10 years of IT experience.

  • 3-5 years of experience in the information security field

  • 1-2 years of experience performing security assessments

  • Self-guided worker that can undertake projects and assignments with little oversight, and can be counted on to perform work to improve personal, team, and company capability without prompting or direction

  • Expert-level understanding of information security principles

  • Strong understanding of enterprise operating systems (Windows servers and workstations, Linux/UNIX, Mac OS X)

  • Strong understanding of enterprise applications and platforms (web and application servers, messaging, database)

  • Strong understanding of network communications (TCP/IP, Ethernet, WAN/LAN technologies)

  • Experience in enterprise network design and architecture

  • Experience in design, deployment, and use of security technologies (network defenses, security monitoring, wireless, DLP, encryption, endpoint defenses, log management & SIEM, etc)

  • Strong oral and written communication skills -- must provide examples of written reports

Supervisory Responsibilities

No supervisory responsibility

CBTS is a wholly-owned subsidiary of Cincinnati Bell that serves enterprise and midmarket clients in all industries across the United States and Canada. From Unified Communications to Cloud Services and beyond, CBTS combines deep technical expertise with a full suite of flexible technology solutions that drive business outcomes, improve operational efficiency, mitigate risk, and reduce costs for its clients. We are focused on building and maintaining a diverse team of employees who are committed to delivering an outstanding customer experience. We call the communities we serve home and giving back to these communities is an important part of our culture. CBTS offers an amazing Employee Volunteer Program, Employee Resource Groups, and organized corporate community service events that further strengthen our community relationships.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, age, disability, religion, sex, sexual orientation, gender identity, gender expression, protected veteran, military status or any other characteristic protected by law.

Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens will be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.

DirectEmployers