Vakante Jobangebote finden Sie unter Projekte.
Security Analyst Job
Eingestellt von Yoh
Gesuchte Skills: Support, Design
Projektbeschreibung
Top Skills You Should Possess:
- Perform Security Risk Assessments/Application Security is a must
- Penetration Testing
- NERC-CIP and ISO 27001
What You'll Be Doing:
- Per Project Assessments (80%)
- Perform and document security assessments for a variety of projects at various stages of the project life cycle.
- Review design documents and interview subject matter experts to understand the architecture and design of the project deliverables and document risks and recommendations.
- Perform code review, as needed, to validate that secure software has been delivered. Document risks and recommendations.
- Perform functional security testing and abuse testing to validate that security controls were implemented as designed.
- Perform penetration tests of project deliverables and/or coordinate pen testing by third-party consultants.
- Document risk acceptances to obtain approvals for residual risks.
- Program Work (20%)
- Document a decision tree to determine the specific security assessments that need to be performed on a project deliverable based on risk (ie pen tests may not be needed for all software).
- Enhance security assessment review templates to ensure that all analysts have clear and consistent criteria for assessments and that the process is streamlined for efficiency.
- Participate in Joint Security Assessment Review Committee (JSARC) team meetings to refine the program.
- Review the assessments of other security analysts as part of the JSARC and vote on the assessments and recommendations.
- Support the risk assessment process in line with Client's ISO 27001 information security management system.
- Support the review of security controls for overall adherence to ISO 27001, NERC CIP, and SSAE-16 requirements.
What You Need to Bring to the Table:
- Bachelor's degree in computer science, information systems, information assurance, or a related field.
- Five (5) or more years of professional experience in information security.
- Experience performing tabletop/paper-based security assessments.
Bonus Points! Otherwise Known As Preferred Qualifications:
- Advanced degree is preferred.
- Hands-on penetration testing experience is preferred.
- Security certifications - CISSP and CEH is preferred.
IF THIS SOUNDS LIKE YOU, APPLY NOW!
RECRUITER: Diana Allen
J2W: INFOTECH
TAX TERM: CON_W2J2WNWIT
Ref:
SFSF: REN
Projektdetails
-
Einsatzort:
Norristown, Vereinigte Staaten
-
Projektbeginn:
asap
-
Projektdauer:
Keine Angabe
- Vertragsart:
-
Berufserfahrung:
Keine Angabe
Geforderte Qualifikationen
-
Kategorie:
Medien/Design, Sonstiges