Freeh Group International Solutions, located in Wilmington, DE, is a leading global risk management firm serving in the areas of business integrity and compliance, safety and security, and investigations and due diligence. We serve a diverse range of organizations in a cross-section of industries, working to reduce risk in today’s increasingly dangerous and complicated global marketplace.
Candidate must possess a high degree of integrity, sound judgment, and competency in the field of enterprise information security defenses, ethical hacking, compliance requirements, and risk management. The ideal candidate is a thoughtful leader, problem solver, and has a strong knowledge of information security best practices. Candidate must be knowledgeable about attack vectors and techniques that potential adversaries may use to compromise the security of enterprise environments. The candidate must have the ability to effectively advise and implement security protections. Furthermore, the candidate must be able to communicate with decision makers the potential impact of security issues and propose mitigation plans.
Advise and develop strategies for the effective implementation of defensive security practices.
Advise and develop IT security policies and procedures.
Give general information security guidance to customers.
Proven knowledge and experience across multiple information protection and security domains as well as security best practices and standards.
Demonstrated experience implementing and the ability to understand, give recommendations on controls to meet compliance requirements for
International IT compliance experience, particularly regarding data ownership, protection, and privacy.
Knowledge of and experience with digital forensics and evidence handling procedures.
Ability to verbally communicate security and risk-related concepts to all technical and nontechnical audiences, at all organization levels.
Excellent interpersonal skills and the ability to work effectively with end-users, peers, and managers.
Current experience as an information security or digital forensics subject matter expert.
Excellent written, verbal, public speaking, communication, and presentation skills.
In-depth knowledge of UNIX, Windows OS family, TCP/IP, and network technologies.
Strong project management and organizational skills.
Experience developing and administering enterprise-wide IT security and privacy training programs.
Experience in conducting and providing penetration test exercises against customer-owned assets including (but not limited to) network and server penetration testing, web application penetration testing, and physical access breach testing. Experience in providing reports to customers with findings, demonstrating potential impact, and giving remediation advice.
Certifications CISSP,CCSP, GCED,GCIH
Maintain forensic credentials and ability to provide expert testimony. (EnCE, GCFE, GCFA)
Education and Experience
Master's Degree in Computer Science, Information Systems, or related field or equivalent work experience.
7+ years of Information Security experience.
Experience leading and directing information security and digital forensics professionals.