Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.

Security Analyst Job

Eingestellt von Yoh

Gesuchte Skills: Support, Design

Projektbeschreibung

SENIOR SECURITY ANALYST needed for a CONTRACT opportunity with Yoh's client located in Norristown, PA.

Top Skills Should You Possess:
- Perform Security Risk Assessments
- Penetration Testing
- NERC-CIP and ISO 27001

What You'll Be Doing:
- Per Project Assessments (80%)
- Perform and document security assessments for a variety of projects at various stages of the project life cycle.
- Review design documents and interview subject matter experts to understand the architecture and design of the project deliverables and document risks and recommendations.
- Perform code review, as needed, to validate that secure software has been delivered. Document risks and recommendations.
- Perform functional security testing and abuse testing to validate that security controls were implemented as designed.
- Perform penetration tests of project deliverables and/or coordinate pen testing by third-party consultants.
- Document risk acceptances to obtain approvals for residual risks.
- Program Work (20%)
- Document a decision tree to determine the specific security assessments that need to be performed on a project deliverable based on risk (ie pen tests may not be needed for all software).
- Enhance security assessment review templates to ensure that all analysts have clear and consistent criteria for assessments and that the process is streamlined for efficiency.
- Participate in Joint Security Assessment Review Committee (JSARC) team meetings to refine the program.
- Review the assessments of other security analysts as part of the JSARC and vote on the assessments and recommendations.
- Support the risk assessment process in line with PJM's ISO 27001 information security management system.
- Support the review of security controls for overall adherence to ISO 27001, NERC CIP, and SSAE-16 requirements.

What You Need to Bring to the Table:
- Bachelor's degree in computer science, information systems, information assurance, or a related field.
- Five or more years of professional experience in information security.
- Experience performing tabletop/paper-based security assessments.

Bonus Points! Otherwise Known As Preferred Qualifications:
- Advanced degree is preferred.
- Hands-on penetration testing experience is preferred.
- Security certifications - CISSP and CEH is preferred.

IF THIS SOUND LIKE YOU, APPLY NOW!

RECRUITER: Diana Allen

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer, M/F/D/V. Click here to contact us if you are an individual with a disability and require accommodation in the application process.

J2W: INFOTECH

TAX TERM: CON_W2J2WNWIT

Ref:

Enterprise: IT & Telecom

Projektdetails

  • Einsatzort:

    Norristown, Vereinigte Staaten

  • Projektbeginn:

    asap

  • Projektdauer:

    Keine Angabe

  • Vertragsart:

    Contract

  • Berufserfahrung:

    Keine Angabe

Geforderte Qualifikationen

Yoh