IT - Senior Security Analyst
- Posted: over a month ago
At Precise Solutions, we are looking for top talent consultants to bring on as employees of our organization and service our clients in the various Life Sciences Industries. We are much more than a staffing firm! Precise Solutions provides competitive compensation packages with benefits, health insurance, paid time off, and employer-based 401k contributions.
We currently have an immediate need for the following:
Job Title: Senior Security Analyst
Location: Remote US Central Standard Time (Illinois)
Compensation: $65.00 per hour based on experience, plus benefits (Paid Time off, Company 401k contributions, health, dental, and vision insurance). Total Annual Compensation including benefits is $150.000
Note: Please do not submit resumes with candidate photos.
Client is looking for a Information Security is looking for a highly motivated, diligent, and skillful analyst to join the Attack Surface Management (ASM) team. The client’s Application Security team protects the clients’ patients, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Application Security is a capability of ASM within the larger Cyber Security Operations (CSO) function. Join us as Associate Security Analyst, Application Security to support and improve our efforts to identify and reduce the clients’ attack surface and help our business continue to have remarkable impacts on people’s lives.
The Associate Application Security Analyst is a key member of the Attack Surface Management team and works with internal and external groups to identify and drive remediation of information security risks across all the clients’ web application environments. The Application Security Analyst will:
The ideal candidate must have prior experience leading manual web and mobile application security penetration tests within an enterprise environment and working with application stakeholders to discuss vulnerabilities and remediation options.
- Maintain awareness of the latest critical information security vulnerabilities, threats, and exploits
- Provide guidance on existing and emerging threats in the web and mobile application space as they apply within the client’s environment
- Facilitate application demonstration sessions with developers and application owners to educate the Application Security team on application functionality prior to performing technical security assessments
- Assist in conducting and facilitating security reviews, as directed by senior team members, throughout the application development lifecycle, including tasks such as:
- Performing and improving security assessments for the client’s applications across the enterprise
- Documenting application security vulnerabilities within the client’s tracking system
- Communicating vulnerabilities to application stakeholders
- Assist in communicating technical application security concepts to customers, including developers, architects, and managers
- Assist in training customer staff on application security and remediation of application security code defects
- Identify enhancements to tools, standards, and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Application Risk program on a global basis
- 1-2 years of direct enterprise-level software development experience in any of the following:
- Net Framework (C#, VB, ASP)
- Web Applications (N-Tier)
- Mobile/Application Services
- 1-2 years of direct application security and/or security developer experience
- Demonstrate knowledge of web application vulnerabilities and web application business logic flaws and threats
- Demonstrate understanding of application architectures and technology, including web applications, mobile technology, data encryption, and identity and access management.
- Hands-on Experience with manual vulnerability testing and static code analysis is strongly desired.
- Experience with tools such as Burp Suite, ZAP Proxy, Metasploit, and other open-source security tools
- Candidate must have an understanding of security controls such as Authentication, Authorization, Access Control, Cryptography, and Network Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE
- Written and verbal communication skills are critical
- Adept at communicating concepts to diverse audiences with varying skill sets
- Certification such as OSCP, OSWE, or ECSA is a plus
This position is part of the client’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk.
Powered by JazzHR
AddressLake County, IL
Real EstateView all jobs at Precise Solutions
What email should the hiring manager reach you at?