posted May 29
Information Security Analyst
Job Location: Remote
Salary: $40 - $42 an hour
Key Responsibilities:
- Analyze code scan output from Veracode and SonarQube, along with remediation recommendations from these tools.
- Assess security risks associated with code vulnerabilities and develop a prioritization strategy that mitigates the most critical issues efficiently.
- Convert scan results and remediation recommendations into well-defined stories within Atlassian Jira, aligning with the Scaled Agile Framework (SAFe) for collaboration with development teams.
- Draft policies, procedures, and best practices for publication in Atlassian Confluence to ensure consistent security practices across the organization.
- Monitor and validate the completion of all remediation work through subsequent code scans.
- Provide regular progress updates to the information security manager.
- Collaborate with development teams to implement secure coding practices and address identified vulnerabilities.
Required Skills and Experience:
- 2-5 years of experience in information security, with a focus on code and vulnerability analysis.
- Strong knowledge of manual audit, code reviews, and remediation techniques.
- Proficiency in using Veracode and SonarQube toolsets for code scanning and vulnerability assessment.
- Expertise in Java programming language and familiarity with secure coding standards and guidelines such as OWASP Top Ten, CERT/CC, MITRE, Sun, and NIST.
- Experience working with Atlassian toolsets, particularly Jira, ServiceDesk, and Confluence.
- Understanding of authentication, authorization, session management, and secure communication mechanisms.
- Familiarity with Windows and Linux operating systems.
- Experience working with ORACLE and MSSQL databases.
- Knowledge of third-party library security analysis and the ability to identify potential security leaks.
- Excellent problem-solving and analytical skills, with the ability to translate technical findings into actionable tasks for development teams.
- Strong communication and collaboration skills to effectively work with cross-functional teams.
Preferred Qualifications:
- Relevant certifications such as CISSP, CSSLP, or CEH are a plus.
- Experience with automated security testing tools and continuous integration/continuous deployment (CI/CD) pipelines.
- Knowledge of additional programming languages such as Python, C++, or C#.
- Familiarity with cloud security best practices and securing cloud-based applications.
Job Type: Contract
Pay: $40.00 - $42.00 per hour
Expected hours: 40 per week
Benefits:
- Paid time off
Schedule:
- Monday to Friday
Education:
- Bachelor's (Required)
Experience:
- Information security code analysis and review: 3 years (Required)
- Java and secure coding standards: 3 years (Required)
- Veracode: 3 years (Required)
- Atlassian toolset Jira, ServiceDesk and Confluence: 3 years (Required)
- CISSP, CSSLP or CEH certifications: 1 year (Preferred)
Work Location: Remote
🚀
Related Jobs
- Company
- IQVIA
- Post Date
- Aug 23 Remote
- Title
- Business Analyst
- Type
- $105,800 - $176,300 a year
- Location
- Remote
- Company
- Intone Networks
- Post Date
- Aug 23 Remote
- Title
- Business Data Analyst
- Location
- Remote
- Company
- Elevance Health
- Post Date
- Aug 21 Remote
- Title
- Workforce Mgmnt Analyst (contract)
- Type
- $18.18 - $40.16 an hour
- Location
- Remote
- Company
- Humana
- Post Date
- Aug 15 Remote
- Title
- Data and Reporting Analyst
- Type
- $59,100 - $81,500 a year
- Location
- Remote
- Company
- Collaborative Solutions
- Post Date
- Aug 15 Remote
- Title
- Workday Integrations & Reporting Analyst
- Location
- Remote