Job Description
We have an urgent requirement for Sr. Tester position with our client.
Security Analyst - Senior-Level - Remote
Duration: 24 Months
Location: Remote Mandatory Requirements - A Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity or a related field.
- At least 7 years of Information Security experience in specialized roles such as penetration testing, application development, application security testing.
- 5-7 years in software development or IT security related fields.
- 1-3 years of experience as a Cloud Security architect or related position.
Formal education in Computer Science, Information Systems, Engineering, Cybersecurity or a related field can be substituted for the following years of experience: Master's degree 1 year - Strong understanding of cloud computing technologies including, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
- Proficient in designing security controls, security tools needs/assessment and technology services.
- Experience working with containerized and micro architecture platform as per the industry best practices.
- Excellent understanding of securing Software Development Life Cycle (SDLC), architecture design and IT operations, and integrating application security into CI/CD pipeline.
- Experience working with threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK, etc.).
- Experience with common vulnerability management process including scanning, analyzing, reporting, remediation planning and tracking.
- Experience working with application security testing tools such as dynamic application security testing, static application security testing, mobile application security testing, source code analysis, vulnerability management.
- Experience with common networking tools (e.g., Wireshark, tcpdump, netcat).
- Experience with security incident or breach investigation and development of strategies to respond to and recover from an incident or breach. Familiar with application vulnerability/security frameworks and standards such as OWASP, SANS, CVE, CWS, CVSS, etc.
Desirable - Experience in a Health Exchange or its partners would be a plus.
- CompTia Security+, CISSP or other industry recognized certifications.
- Experience with administering serverless, cloud-based enterprise applications and environments.
- Experience and general understanding of object-oriented coding (Java, Python, .Net, etc.).
- Excellent understanding of emerging cybersecurity threats.
- Understanding of core Internet protocols and routing (e.g., DNS, TCP/IP, UDP, IPSEC, routing protocols, etc).
- Operational understanding of cryptography fundamentals (e.g., SSL/TLS, password security, filesystem encryption, etc.). Good understanding of security information and event management tools.
- Cloudflare
- Azure Sentinel
- Tenable Nessus
- Rapid7 AppSec, Insight Vulnerability Management
- BurpSuite
- Ostorlab
- Microsoft Defender
- RecordedFuture
- KnowBe4
- Microsoft Purview
- Microsoft Threat Model
- Jira
- Confluence
- SolarWinds Orion
- PowerShell
- GitHub Advanced Security
- SolarWinds ServiceDesk
- SQL Server Studio, Postman, GitHub
Job Tags
Immediate start, Remote job,