Careers - MAD Security

MAD Security Careers

Come join a team of some of the brightest and most innovative security experts around!

For Employees:

MAD Security offers a very competitive compensation package that includes base salary, medical, 401k matching, bonuses (we like to reward you for your hard work), training on next generation security tools, and flexible time off.

For Trusted Partners (1099):

We are also looking for partners that we can work with that can augment our skills and add depth to our team. We frequently receive requests for work that is a little out of our lane or that we can’t take on due to full bookings, and in those cases we like to work with trusted partners to create win/win scenarios.


MAD Security Career Postings:

Senior Security Analyst

Job Title
Senior Security Analyst
Job ID
27030757
Location
Dulles,  VA
Other Location
Description

The Senior Technical Security Analyst position is within our client's IT Security group. We partner with technology and business owners to deliver proactive information security solutions and services that protect their information assets, computing infrastructure, applications and data. The Sr. Technical Security Analyst will support the Governance, Risk Management and Compliance program within IT Security. Primary responsibilities are to perform technical and non-technical risk assessments on systems to determine and communicate the level of existing and residual risk to business areas.

The ideal candidate will be a self-starter with a voracious appetite for learning and have an analytical mind that constantly looks for elegant and secure solutions to difficult problems. The candidate must be proficient and experienced in conducting risk assessments in a complex environment. The candidate must have the ability to convey complicated technology and security concepts to management and non-technical business areas. The candidate should have technical knowledge and/or experience in security, networking, systems administration, database administration, architecture and/or other technical domains. The candidate must have a desire to work vast and complex environment where encountering and learning new information is a part of the daily routine. Candidates looking for a traditional compliance environment with “checkbox”compliance requirements, need not apply.

Qualifications

Responsibilities:

  • Work within the GRC team to perform in-depth technical risk assessments of systems to determine risk level and mitigation strategies.
  • Work with the team to continuously improve the technology risk process and procedures
  • Communicate potential weaknesses and associated risks identified by the risk assessment and compliance process.
  • Develop action plans and/or recommend alternative solutions to resolve risks and exceptions.
  • Provide oversight to ensure tracking of remediation plans for timely closure of risk issues.
  • Provide security consulting and advisory services to business units and project teams.
  • Research and maintain a knowledge base regarding information security risks, issues, solutions and potential implications for the client.
  • Provide Security requirements for development teams as needed prior to application deployment.
  • Review vendor contracts for compliance with Security Policies and Standards and perform vendor risk assessments.

Required Qualifications

  • Bachelor’s degree or equivalent work experience and a proven track record in the field of information security and/or risk management.
  • 5 or more years of hands-on technology, risk, security and/or governance experience.
  • Must have in-depth knowledge of common information security topics, policies and standards.
  • Excellent verbal and written communication skills with the ability to understand business requirements.
  • Must be able to develop risk management strategies that align with business goals and objectives and protect the confidentiality, integrity and availability of information systems and data.
  • Project management experience on information security processes and within software development life cycles is desired.
  • Familiarity with measures and metrics used in risk assessment methods and/or vulnerability assessment processes.
  • One or more of the following certifications: CISSP, CISA, CISM, CRISC
  • Thorough technical knowledge of the following areas: IT Audits, IT Governance, Risk and Compliance, Information Security and/or Technical Privacy.
  • Solid organizational skills and strong customer service skills.

Desired Qualifications

Certification or hands on experience in one of the following areas:

  • Amazon Web Services (AWS) security or compliance knowledge
  • Knowledge of (or desire to learn) Application Security (OWASP) risks
  • Knowledge of (or desire to learn) Network Security
  • Desire to work in Security Awareness

Option 2: Create a New Profile