This site uses cookies. To find out more, see our Cookies Policy

InfoSec Analyst Lead (CW6) in Columbus, OH at Fast Switch

Date Posted: 3/13/2019

Job Snapshot

  • Employee Type:
    Contractor
  • Location:
    Columbus, OH
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    3/13/2019

Job Description

Job ID: 51775

InfoSec Analyst Lead. We have a contract-to-hire opportunity available in Columbus, Ohio for a qualified InfoSec Analyst Lead. As part of the Cyber Risk team, this person will interact with technical and business units to plan and implement information security solutions and information security testing activities. He or she is responsible for penetration testing, managing offshore penetration testing of web applications, monitoring remediation and validation efforts and maintaining metrics regarding the status of open/closed issues. 

POSITION RESPONSIBILITIES:

  • Researches the latest security testing tools and methodologies regarding Interactive Application Security Testing (IAST), Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST).
  • Conduct security assessments and compliance reviews; assist with Security Policy and Procedure maintenance and training.
  • Support the design, implementation, operation and maintenance of security applications and testing tools based upon the established security architecture.
  • Collaborate with Application Development teams to plan and execute web application security testing, interpret resultant reports and work with application developers to complete remediation.
  • Plan, coordinate, schedule enterprise-wide risk assessments and penetration testing activities.
  • Prepare, validate, and maintain security testing documentation including, but not limited to: risk assessments, and enterprise penetration testing.
  • Provide validation of security control tests for cloud service providers.
  • Coordinate and facilitate actions being performed by third-party vendors.

MUST HAVE:

  • Must have demonstrated knowledge of penetration testing methodologies and tools, such as AppScan, Rapid7, BurpSuite, Seeker, Veracode, ReadyAPI.
  • Strong knowledge of the latest security testing tools and methodologies regarding Interactive Application Security Testing (IAST), Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST).
  • Robust knowledge of common attack methodologies, tactics, protocols and remediation strategies.
  • Moderate to Advanced knowledge or IDS/IPS systems.
  • Moderate knowledge of Firewall and Proxy technology.
  • Advanced knowledge of malware operation and indicators.
  • Moderate knowledge of vulnerability management processes and remediation actions.
  • Coordinate and facilitate actions being performed by our 3rd party vendors (i.e Penetration testing).
  • Must have a minimum of five years information security experience. A CISSP is preferred or expected to be obtained.
  • Ethical Hacker Certification preferred.
  • Excellence in communicating business risk from cybersecurity issues.
  • Demonstrated effective interpersonal, verbal, and written communication skills.
  • Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

NICE TO HAVE:

  • Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, DNS, etc.).
  • Moderate knowledge of Data Loss Prevention monitoring.
  • Moderate knowledge and experience with Cloud technologies (Amazon, Azure, Google Cloud).
  • Moderate knowledge of DevOps Security, implementing and supporting solutions.
  • Moderate knowledge of URL filtering.
  • Knowledge of NIST CSF and other NIST guidelines and standards and how they relate to and compliment a System Development Life-Cycle (SDLC). It may also include industry and international guidelines and standards such as PCI, ITIL and ISO.
  • Moderate knowledge of multi-factor authentication and privileged account monitoring.

To view all our open positions, please go to: http://www.jobs.net/jobs/fastswitch/en-us/all-jobs/