AVID Technical Resources is partnering with our client to find a Security Analyst 1 for a permanent opportunity in Des Moines, IA.
Responsible for the technical monitoring, implementation, and documentation of company information security policies, controls, and procedures to assure the confidentiality, availability, and integrity of system and computing assets and sensitive data of the company and its network participants. This includes a primary responsibility for knowledge and expertise in cyber incident response. Additionally, responsible for managing the application and code scanning vulnerability management controls and processes; and maintaining the application and code vulnerability scanning architecture, policies, software, and other solution components.
1. Conduct the initial analysis of various system log files and platform monitoring applications to immediately identify and respond to potential security concerns.
2. Familiar with all the phases of the software development lifecycle.
3. Represent the Corporate Security department, as assigned, by leading the detailed review of
highly technical large and small scope IT projects as part of the company’s risk management and Security Certification & Accreditation process.
4. Conduct detailed technical evaluations of newly acquired technology and application code and configurations for potential security vulnerabilities affecting the company’s computing platform
5. Help develop an application and source code scanning program and proactively contribute to the integration of secure coding practices throughout the enterprise SDLC.
6. Work with developers and non-developers to understand application scan results and possible mitigations.
7. Provide extensive input into the iterative development of the Corporate Security program.
8. Monitor emerging threats within the technology and applications development field for proactive remediation.
9. Knowledgeable in the configuration and use of common development tools.
10. Capable of assessing impacts to code within a siloed application.
11. Capable of utilizing "domain knowledge" to assess impacts within and across application silos.
12. Knowledgeable in at least one development language.
13. Accurately estimate effort required to complete assigned tasks and completes assigned tasks on schedule.
14. Participate in cross-departmental project teams as requested.
15. Maintain individual skill set by seeking out training where greater skill is required; mentor other employees by sharing experience and knowledge.
16. Support on-call rotation on a regular schedule. Physical presence when necessary within 60-90 minutes to resolve security issues.
17. Maintain regular and consistent attendance at such level as is determined in the employer’s sole discretion.
1. While this job description is intended to be an accurate reflection of the job requirements, management reserves the right to modify, add or remove duties from particular jobs and to assign other duties as necessary.
Working toward an Associate’s or Bachelor’s Degree in Computer Science, Information Technology, or related area of concentration. Security +, Networks+, CASS, CSSLP. GWEB or similar professional designations strongly preferred.
Additional years of related experience may be substituted for the educational requirement.
Minimum of two years’ experience in applications development and systems/application security. Ability to apply technical security concepts to mainframe and internet based systems and application. Experience in application vulnerability scanning and web application firewalls a plus.
Ability to review documentation and input, access and retrieve information to and from a computer for hours at a time, at a rate of not less than 40 wpm.
Ability to physically respond in person to the facility within 60-90 minutes of a page to resolve a customer problem 24 hours a day, 7 days per week.
Ability to communicate via the telephone, in person and through correspondence with users, fellow employees and managers, especially in critical time certain situations when there are system problems impacting customers.
Ability to work under the pressure of deadlines, an aggressive marketing plan and continuous improvement culture.
Ability to think independently and provide self-direction, solve various problems and make informed, rational decisions.
Ability to work under the pressure induced by assisting in maintaining a 99.995 up time goal, 24 hours a day, 7 days per week.
Ability to learn complicated, technical computer hardware and software theory, practice, and application.
Ability to analyze requirements and data to derive a security solution to fulfill customer requirements.
Must participate as a team member in a team's conflict resolution and consensus building process, as well as assisting in maintaining positive team morale and team cohesion.
Ability to work in an environment where constructive feedback from others is encouraged.
Must not pose a direct threat or significant risk of substantial harm to the safety or health of himself/herself or others.
Must be committed to a high standard of safety and be willing and able to comply with all safety laws and all of the employer’s safety policies and rules and must be willing to report safety violations and potential safety violations to appropriate supervisory or management personnel.
Must be available to work scheduled hours and overtime as the employer determines is necessary or desirable to meet its business needs and to cooperate and promote goodwill in the image of ITS, Inc.
Must be available and willing to work such weekends and holidays as the employer determines are necessary or desirable to meet its business needs.
Ability to work in an environment that often has miscellaneous cubicle noise (ex: may hear others’ phones, conversations, radios, etc.), fast pace, high expectations, and frequent interruptions.
Employees in this position must possess a valid driver license if driving on company business. If at any point the driver license becomes invalid, the employee must report this to management before driving on company business.
Ability and willingness to travel to such locations and with such frequency as ITS, Inc. determines is necessary or desirable to meet its business need.
About AVID Technical Resources:
AVID (Applications, Voice, Internet, Data) Technical Resources is a contract and permanent IT recruiting company. Headquartered in Boston, AVID specializes in placing information technology professionals with either an Infrastructure Support or Applications Development background.
Since our inception in 2003, AVID has grown to be among the leading IT recruiting firms in the area. This explosive growth has led to a number of awards and recognition. Inc. Magazine recently listed AVID on their exclusive Inc. 500/5000 Fastest Growing Privately-Held Companies in the US. AVID was named one of the Leading IT Staffing Agencies in the Northeast by Forbes Magazine and the Boston Business Journal ranked AVID Technical Resources the 7th Fastest Growing Privately-held Company in Massachusetts.
Contact one of our IT recruiters today: www.avidtr.com.