Senior Cyber Security Analyst

• Considered subject matter expert within discipline
  
• Solves complex problems; takes a broad perspective to identify innovative solutions
  
• Can either work independently on in teams
  
• Requests guidance in complex situations or when needed
  
• Interprets challenges and recommends best practices to improve processes
  
• Capacity to lead functional teams or projects to solve complex problems and deliver solutions.
  
• Communicates difficult concepts and negotiates with others to conclude on goalcentric points of view
  
• Provides resolution support to wide array of issues that are complex in scope.
  
• Contributes to departmental business planning and solution design
  
• Uses expert level Cyber Security knowledge base to complete tasks.
  
• Intrinsic understanding of software development life cycles
  
• Excellent oral and written communication skills
  
• Understanding of security by design principles architecture concepts & security frameworks (NIST PCI OWASP etc.)
  
• Knowledge of current and emerging security technologies threats and techniques for exploiting security vulnerabilities in
  
• the code or application
  
  

Requirements

• 6 years of experience working with systems deployed on AWS
  
• 4 years of technical experience in Incident Management for AWS Cloud solutions
  
• 1 years of experience with AWS Incident Detection and Response
  
• Demonstrated experience using Splunk for Incident Management and processes supported by Okta CIAM PhishER PagerDuty Imperva CrowdStrike AWS Guard Duty Defender for Cloud Apps etc.
  
• Incident Management (2 years minimum)
  
• Risk Management techniques (2 years minimum)
  
• Vulnerability Management
  
• Web Application Firewalls such as Imperva
  
• As a subject matter expert or stakeholder has previously supported information security audits in any of the following
  
• frameworks or regulations: PCI DSS NIST SOC 1 or 2 ISO 27001 SarbanesOxley (SOX) or HITRUST
  
• Experience in analyzing threats of cloud and application components such as findings from Security Assessments
  

• Familiarity with Jira GitHub Okta WordPress Qualys VMDR Jenkins Rancher Terraform Snyk & Contrast
  
• Familiarity with some of the following concepts:
  
• SAST (Static Application Security Testing)
  
• DAST (Dynamic Application Security Testing)
  
• SCA (Software Composition Analysis)
  
• SBOM (Software Bill of Materials)
  
• Image Scanning
  
• SOAR (Security Orchestration Automation and Response) good if experienced in
  
• IaC (Infrastructure as Code)
  
• Threat Modeling
  
• PenTesting (Web App Mobile External)
  
• CSA (Cloud Security Assessment)
  
• Familiarity with Java (including npm and Maven) Docker & Kubernetes