Security Analyst - Elegant Enterprise- Wide Solutions : Job Details

Proposed Expert Level Resource must have:A Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity or a related field. At least 10 years of Information Security experience in specialized roles such as penetration testing, application development, and application security testing.7-10 years in software development or IT security related fields.3-5 years of experience as a Cloud Security architect or related position.Formal education in Computer Science, Information Systems, Engineering, Cybersecurity or a related field can be substituted for the following years of Experience:Master's degree1 yearProposed Expert Level Resource must have demonstrated experience in the following:Strong understanding of cloud computing technologies including, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).Proficient in designing security controls, security tools needs/assessment and technology services.Experience working with containerized and micro architecture platform as per the industry best practices. Excellent understanding of securing SDLC, architecture design and IT operations, and integrating application security into CI/CD pipeline.Experience performing application security code and roles matrix review and practical risk assessments.Experience working with threat modeling frameworks (e.g., STRIDE, MITRE ATT&CK, etc.).Experience with common vulnerability management process including scanning, analyzing, reporting, remediation planning and tracking.Experience working with application security testing tools such as dynamic application security testing, static application security testing, mobile application security testing, source code analysis, vulnerability management.Experience with common networking tools (e.g., Wireshark, tcpdump, netcat).Experience with security incident or breach investigation and development of strategies to respond to and recover from an incident or breach.Familiar with application vulnerability/security frameworks and standards such as OWASP, SANS, CVE, CWS, CVSS, etc.It's desirable for proposed Expert Level Resource to have: Experience in a Health Exchange or its partners would be a plus.CompTia Security+, CISSP or other industry recognized certifications.Experience with administering serverless, cloud-based enterprise applications and environments.Experience and general understanding of object-oriented coding (Java, Python, .Net, etc.).Understanding of core Internet protocols and routing (e.g., DNS, HTTP, HTTPS, TCP/IP, UDP, IPSEC, routing protocols, etc.).Operational understanding of cryptography fundamentals (e.g., SSL/TLS, password security, filesystem encryption, etc.).Good understanding of security information and event management tools.Excellent understanding of emerging cybersecurity threats.It's desirable for proposed Expert Level Resource to have experience with the following Software and Services:Cloudflare Azure Sentinel Tenable Nessus Rapid7 AppSec, Insight Vulnerability Management BurpSuite Ostorlab Microsoft Defender RecordedFuture KnowBe4 Microsoft Purview Microsoft Threat Model Jira Confluence SolarWinds Orion PowerShell GitHub GitHub Advanced Security SolarWinds ServiceDesk SQL Server Studio Postman.