Job Description

Security Analyst Resources plan implement upgrade or monitor security measures for the protection of systems networks and information; ensures appropriate security controls are in place to safeguard digital files and vital IT infrastructure; and responds to computer security incidents and breaches. Security Analyst Resources do not access Federal Tax Information.

Requirements

Basic Qualifications (Mandatory):

• A Bachelor s degree in Computer Science Information Systems Engineering Cybersecurity or a related field.
  
• At least 7 years of Information Security experience in specialized roles such as penetration testing application development application security testing.
• 57 years in software development or IT security related fields.
• 13 years of experience as a Cloud Security architect or related position.
• Formal education in Computer Science Information Systems Engineering Cybersecurity or a related field can be substituted for the following years of experience:
• Master s degree: 1 year
• Strong understanding of cloud computing technologies including Infrastructure as a Service (IaaS) Platform as a Service (PaaS) and Software as a Service (SaaS).
  
• Proficient in designing security controls security tools needs/assessment and technology services.
• Experience working with containerized and micro architecture platform as per the industry best practices.
• Excellent understanding of securing Software Development Life Cycle (SDLC) architecture design and IT operations and integrating application security into CI/CD pipeline.
• Experience working with threat modeling frameworks (e.g. STRIDE MITRE ATT&CK etc.).
• Experience with common vulnerability management process including scanning analyzing reporting remediation planning and tracking.
• Experience working with application security testing tools such as dynamic application security testing static application security testing mobile application security testing source code analysis vulnerability management.
• Experience with common networking tools (e.g. Wireshark tcpdump netcat).
• Experience with security incident or breach investigation and development of strategies to respond to and recover from an incident or breach.
• Familiar with application vulnerability/security frameworks and standards such as OWASP SANS CVE CWS CVSS etc.

Preferred Qualifications (Desired):

• Experience in a Health Exchange or its partners would be a plus.
  
• CompTia Security CISSP or other industry recognized certifications.
• Experience with administering serverless cloudbased enterprise applications and environments.
• Experience and general understanding of objectoriented coding (Java Python .Net etc.).
• Excellent understanding of emerging cybersecurity threats.
• Understanding of core Internet protocols and routing (e.g. DNS TCP/IP UDP IPSEC routing protocols etc).
• Operational understanding of cryptography fundamentals (e.g. SSL/TLS password security filesystem encryption etc.).
• Good understanding of security information and event management tools.
• Candidate have experience with the following Software and Services:
• Cloudflare
  
• Azure Sentinel
• Tenable Nessus
• Rapid7 AppSec Insight Vulnerability Management
• BurpSuite
• Ostorlab
• Microsoft Defender
• RecordedFuture
• KnowBe4
• Microsoft Purview
• Microsoft Threat Model
• Jira
• Confluence
• SolarWinds Orion
• PowerShell
• GitHub
• GitHub Advanced Security
• SolarWinds ServiceDesk
• SQL Server Studio
• Postman
  

Position Requirements: Strong understanding of cloud computing technologies including, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Proficient in designing security controls, security tools needs/assessment and technology services. Experience working with containerized and micro architecture platform as per the industry best practices. Excellent understanding of securing Software Development Life Cycle (SDLC), architecture design and IT operations, and integrating application security into CI/CD pipeline. Experience working with threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK, etc.). Experience with common vulnerability management process including scanning, analyzing, reporting, remediation planning and tracking. Experience working with application security testing tools such as dynamic application security testing, static application security testing, mobile application security testing, source code analysis, vulnerability management. Experience with common networking tools (e.g., Wireshark, tcpdump, netcat). Experience with security incident or breach investigation and development of strategies to respond to and recover from an incident or breach. Familiar with application vulnerability/security frameworks and standards such as OWASP, SANS, CVE, CWS, CVSS, etc. Benefits: Holiday Benefit: 10 Holidays per year Vacation Benefit: 10 Vacation Days per year. Accrued on weekly basis. Sick Leave Benefit: 5 Personal/Sick Leaves per year. Accrued on weekly basis Medical Insurance Reimbursement Benefit: Medical Insurance Allowance QSEHRA Reimbursement (Eligibility date dependent on enrollment. Employee purchase own plan) AFLAC Supplemental Insurance Plan: AFLAC Supplemental Insurance Plan 401 (K) Retirement Plan: 401 (K) Retirement Savings Plan Salary Range=$122000 - $124000 with Benefits.

Job Tags

Holiday work,

Similar Jobs