Senior Information Security Consultant

Hello,

Hope you are doing great !

Please find the below mention JD.

Senior Information Security Consultant Critical Infrastructure

Local DL of sacramanto is required

Local candidates only!!

Key Responsibilities

Risk & Security Assessments

Evaluate and review new and upgraded technologies for potential security risks.

Perform risk and vulnerability assessments for proposed applications, infrastructure, and control systems.

Review and approve risk acceptance requests, offering mitigation strategies when needed.

Incident Response & Coordination

Develop and maintain Incident Response Plans (IRPs) for both business and control systems.

Lead tabletop exercises, simulations, and playbook updates.

Coordinate incident response efforts using the Incident Command Structure when appropriate.

Monitoring & Threat Management

Continuously monitor servers, endpoints, applications, and networks for vulnerabilities and security threats.

Utilize SIEM, firewalls, endpoint security, patch management, PKI, and cloud security solutions for defense and monitoring.

Track vulnerabilities through resolution or risk acceptance.

Policy & Compliance Management

Develop, deploy, and enforce security policies, standards, guidelines, and procedures.

Support compliance with security frameworks such as NIST, CIS Benchmarks, and regulatory standards (EPA for wastewater / water).

Configure enterprise security platforms and ensure alignment with best practices.

Training & Awareness

Deploy security awareness training platforms and phishing simulations.

Ensure timely completion of training and follow up with repeat offenders.

Deliver engaging security workshops and presentations (both technical and non-technical).

Technical Contributions

Automate security tasks through scripting (Python, PowerShell).

Develop and review System Security Plans (SSPs).

Support change management processes for secure system integration.

Required Qualifications

Bachelor s degree in Computer Science, Information Security, or a related field (or equivalent experience).

8+ years of professional experience in multiple areas of information security, including :

Network security

SOC analysis

Endpoint management

Vulnerability management

Cloud security

Incident response

Scripting / programming (Python, PowerShell)

Hands-on experience with SIEM tools, firewalls, DLP, PAM, MFA, and SOC applications.

Proficiency in Windows domain administration, networking, and cloud security across major platforms.

Strong background in risk assessments, security frameworks, and compliance standards.

Desired Qualifications

Experience with industrial control systems, wastewater / water systems, or electrical systems.

Knowledge of EPA regulations as applied to wastewater and water systems.

Relevant security certifications (e.g., CISSP, CISM, CEH, Security+).

Familiarity with CIS Benchmarks / CIS-CAT.

Strong presentation and communication skills, with ability to engage both technical and non-technical audiences.

Kindly share me your profile at gaurav09@kanakits.com