Skip to main content

This job has expired

Sr. Lead Cybersecurity Analyst

Employer
StevenDouglas
Location
Mclean, VA
Closing date
Dec 9, 2019

View more

As the Senior Lead Cyber Security Analyst, you will lead the security assessments across a variety of 3rd Party vendors, commercial off-the-shelf products (COTS), custom applications and platforms. You will work closely with both external vendors and product (application) team to help implement security solutions that are tailored to the specific risks facing the organization, including threat modeling and applications security consulting services. You will be a critical component to help manage the compliance of policies and standards as a function of an end-to-end SDLC project lifecycle. You will play a meaningful role in maintaining the controls that enable our organization to operate efficiently, cost effectively, and within compliance standards. You will also assist others in interpreting, understanding, and applying security policies and standards to mitigate information security risks. This position works closely with other members of the Information Security and Legal Compliance organizations, in a coordinated and focused manner. More specifically, you will: Conduct vendor and application security assessments and act as a security escalation point for project teams. Author reports with detailed findings descriptions, and prioritized recommendations. Support the evaluations of technologies and software products to figure out feasibility and desirability of incorporating their capabilities within the product suite. Contribute to the ongoing collection, development, review, and adoption of architecture and development standards and standard methodologies. Actively participate in the governance process associated with application security and technology standards. Communicate the results and recommendations for improvements effectively to junior and senior level staff. Supervise contractors and consultants based on demand and project needs. What are we looking for?We believe the success in this role will demonstrate itself through the following attributes and skills: Social communicators, who will positively influence our team members/partners and who will communicate effectively at all levels Dedicated, ambitious individual with good time management and attention to detail Knowledge of hospitality IT systems and applications Knowledge of two or more following technologies: Gitlab, Atlassian Stack, Node.js, React, Graphql and NOSQL databases such as Couchbase Exposure to C++, J2EE, Java, C# and/or, .Net development Experience reviewing vendor and application design, software framework, and infrastructure to identify issues. Capable of assessing underlying components (eg, databases, servers), configuration, and security access controls Experience with static code scan tools (eg, Fortify, Checkmarx) and dynamic scanning tools (eg, Rapid7, AppScan, Burp, Qualys) Experience working with development methodologies (eg, Waterfall, Agile, RUP) Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (eg, GDPR, ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, SOC2) Self-starters, who take initiative in implementing goals, utilizing analytical skills, and possessing adaptability to change To fulfill this role successfully, you must possess the following minimum qualifications and experience: Five (5) years' experience in the Information Technology/Information Security industry, product development, and web development on J2EE platforms Two (2) years professional experience IT-related risk assessment activities Experience in Project Leadership or Project Management Certified in cyber security certifications such as CISSP, CEH, GCIA, OSCP and OSCE Experience with typical scripting and programming languages such as PowerShell, Python, VBA, JavaScript, C++ and SQL It would be advantageous in this position for you to demonstrate the following capabilities and distinctions: Bachelor's Degree OR Associate's Degree plus six (6) years of Technology related experience OR High School Diploma/GED plus twelve (12) years of Technology related experience Three (3) years of consulting experience (internal or external) Two (2) years' experience working on product development and web development on J2EE platforms One (1) year of experience working with AWS/Azure Cloud design and architecture such as SaaS, IaaS and/or PaaS

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert