Security Specialist
Wipfli is currently seeking a Security Specialist in our St. Paul Office.  The role of the Security Specialist is an entry level role that is the primary workflow driver for IT Security Testing services within the Risk Advisory and Forensics Services (RAFS) group. The security specialist will participate in the delivery of IT Security Testing services by performing scanning and analysis tasks and participating in and facilitating reporting and QA processes in the delivery of testing reports.

The role is also the primary workflow driver for IT Security Testing services within the Risk Advisory and Forensics Services (RAFS) group through preparation of budgets, engagement letters and proposals, renewal reports, and scheduling testing engagements.  Finally, the role will be involved in continuous improvement of the Testing services by updating data within VRAT and working with other RAFS team members to improve service processes and documents. 

Essential Responsibilities:
Performs scans using such tools as NMAP, Qualys, Core Impact, Nessus, BurpSuite, Backtrack, and other toolsets as applicable. Requires the ability to evaluate the specifics of the client’s network and appropriately configure each scanning tool to effectively test the network.
Analyzes and reconciles results of scans performed. Will interpret the output from the scanning tools and determine further analysis to be performed. Further actions may include manual testing procedures, use of publicly available software tools or scripts, and other methods to accurately determine the existence of a security vulnerability.
Performs verification procedures by identifying the specific indicators of each vulnerability and deciding on methods to best document the existence of the vulnerability for the client so that they can independently verify the security vulnerability. Will also evaluate and, if necessary, research the specific instance of each vulnerability to determine the best course of action for addressing it. Will formulate recommended actions for the client to consider.
Processes engagement letters in the RAFS VRAT tool, closes opportunity in CMS, and updates the Revenue Tracking Sheet; ensures billing job code is setup and schedules the engagement on the team calendar
Processes IT Security Testing services reports, including proofing and consolidating document files, and routes for approval; follows up on approval requests to ensure timely delivery
Ensures engagements are closed out in a timely manner and notifies when billing can proceed
Develops improved workflow and service tools and updates process documentation
Researches vulnerabilities and steps to resolve them; updates findings in the VRAT master findings database
Creates budgets for service opportunities
Assists in the preparation of engagement letters and proposals
Identify contract renewals and schedule renewal calls using the RAFS VRAT tool, CMS, and team calendar

Essential Qualifications: 
Bachelors of Science in Computer Science or similar field of study
Less than 3 years of experience required
A high level of initiative, strong written and verbal communication skills and business acumen oriented around small to middle market companies
Strong organizational skills in coordinating multiple projects/tasks simultaneously, and meeting deadlines
Great attention to detail and problem solving skills
Strong knowledge of Windows Server and Linux configuration
Strong knowledge of networking and security technologies including routers, switches, firewalls, IDS, anti-virus, protocol analyzers
Familiarity with port and vulnerability scanning tools and manual security testing processes
Knowledge of scripting and/or application development
Knowledge of database systems
Technical or Information Security certifications desirable

Interested people can apply for this position at: http://tinyurl.com/86p7ctl