Security Analyst

Description *Applicants MUST be authorized to work in the U.S. We are unable to Sponsor or take over Sponsorship of an Employment and/or Student Visa at this time or any time in the near future for sponsorship.*If you are on OPT student visa, a student does not need sponsorship from the employer, HOWEVER, beyond the initial 12 months or additional 24 months on OPT, a student MUST still state "YES" that you will require employment visa sponsorship in the FUTURE on the application.Summary of This Role

Develops, configures, documents, and maintains information security tools and solutions. Installs and configures intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization’s business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.

What Part Will You Play?

• Will work with infrastructure teams to maintain information security; will review legacy systems for patching and mis-configurations; will review new systems prior to production deployment for security gaps
• Will manage program updates on a weekly and monthly basis
• Manage and review compliance scans for remediation needs. Work with DevOps and Application teams to identify and schedule remediation as needed
• Will provide support for key parallel security and compliance programs including security analysis, SOX, PCI, and SOC compliance audits
• Will deploy, configure, maintain, and troubleshoot security tools on Windows and Linux systems in traditional data centers and in Cloud environments, including Azure and AWS
• Will schedule and submit applications for SAST and DAST scanning, following up with development teams for remediation as necessary
• Will collaborate with DevOps team to deploy and maintain SAST as part of DevOps continuous build and deployment
• Will Interact with Atlassian systems including the JIRA ticketing system to assign and receive work requests
• Support the PCI compliance function by helping to accumulate control evidence
• Backfill IT Ops or Engineering support esp. with regard to managing security tools and Cloud based Firewalls
  
  

What Are We Looking For in This Role?

Minimum Qualifications

• Bachelor of Computer Science, InfoSec, or comparable experience
• 2+ years of experience in Security Engineer or cybersecurity role
• 2 + years experience in Dev/Ops in Windows and/or Linux environments and Cloud hosting
  
  

Preferred Qualifications

• CISSP, CEH, Security+
• AWS Security, Linux or Microsoft certifications
• Experience with PCI auditing
• Experience with SDLC software development and/ or experience with Agile software development
• Experience with Bash, Powershell, PHP languages to aid in security review and analysis
• Experience with CIS benchmarking and security tools
  
  

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - A seasoned, experienced professional with a full understanding of area of specialization; resolves a wide range of issues in creative ways. This job is the fully qualified, career-oriented, journey-level position.
• Job Complexity - Works on problems of diverse scope where analysis of data requires evaluation of identifiable factors. Demonstrates good judgment in selecting methods and techniques for obtaining solutions. Networks with senior internal and external personnel in own area of expertise.
• Supervision - Normally receives little instruction on day-to-day work, general instructions on new assignments.
• Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs
• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.
• Incident Response - Knowledge and skills to contribute to all phases of Incident Response.
  
  

*Applicants MUST be authorized to work in the U.S. We are unable to Sponsor or take over Sponsorship of an Employment and/or Student Visa at this time or any time in the near future for sponsorship.*If you are on OPT student visa, a student does not need sponsorship from the employer, HOWEVER, beyond the initial 12 months or additional 24 months on OPT, a student MUST still state "YES" that you will require employment visa sponsorship in the FUTURE on the application.