Information Security Analyst/Engineer

Overview

Remote
$55
Contract - W2
Contract - 06 Month(s)

Skills

Information Security Analyst/Engineer

Job Details

Immediate need for a talented Information Security Analyst/Engineer. This is a 06+ months Contract opportunity with long-term potential and is located in EST(Remote). Please review the job description below and contact me ASAP if you are interested.
Job ID: 24-18879

Pay Range: $55/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location).

Key Responsibilities:

  • Assess Security Risk from an Architectural Perspective and Apply a Risk-Based Approach to Security
  • Generate application treat models in a quick paced environment
  • Manage workloads using Kanban methodologies to estimate and track task deliveries
  • Mentor, assist, and share your expertise with team members
  • Attend regular standups and team meetings
  • Identify and be able to explain security weaknesses to a variety of audiences to include but not limited to software development teams
  • Hold brown bag sessions to educate developers on the value and benefit that they and the firm derive by identifying threats early
  • Develop training material for how to engage the Threat Management service, make use of technologies, and interpret findings.
  • Drive beneficial security change into the business through supporting Developers with creation of threat models for their applications and remediation of potential threats, balancing risk against business need.
  • Support the Security Architecture team to develop and mature an Application Threat Modeling Program by defining processes, procedures, controls, KRI s/KPI s, etc., that identify threats early in the development process reducing risks prior to deployment.
  • Work with the InfoSec functional teams in the development of the Information Security strategy and roadmap, including and with focus on Threat Modeling; liaison and consult with Enterprise Architecture, IT and the business for ongoing input and awareness
  • Advise and Contribute to Strategy and Roadmaps

Key Requirements and Technology Experience:

  • Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
  • Demonstrated experience developing technical threat models
  • Demonstrated experience performing security code reviews and explaining results to project teams
  • Previous or active experience with bug bounty programs
  • Experience working in Sprint or Agile environments
  • Strong understanding of protocols, networking, firewalls, caching, VIPs, proxies, web applications, and database systems
  • Experience with AWS and Azure or working knowledge of Google Cloud Platform
  • Knowledge of several of the following programming languages; Java, C#, Python, C++, Node.JS, JavaScript
  • Knowledge in one or several of the following Frontend frameworks; React, Angular, Ember, Vue
  • Minimum of 3 years experience working as an Information Security Threat Modeling subject matter expert at a senior level
  • Minimum of 5 years experience working as an Information Security Professional, preferably within the architecture or engineering disciplines
  • Passion for leading change and ability to bring others along
  • Desirable) Able to provide references to CVEs filled, Bug Bounty Username, or GitHub repositories
  • Desirable) One or more security-related certifications associated with AWS, Google Cloud Platform, or Azure
  • Desirable) CISSP (+ ISSAP), CCSP, CEH, OSCP, CSSLP
  • 3+ Threat models, sprints in agile development, Strong understanding of access controls and authentication mechanisms, PKI, and cryptography
  • Preferred: CCSP(Certified Cloud Security Professional), OSCP( OffSec Certified Professional), Able to provide references to CVEs filled, Create and find threats.

Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration.

Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.