Information Security Analyst/Administrator

AVA Consulting is an Information Security Analyst/Administrator

Location: Mason, OH (hybrid)

U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.

Job Description:

• The IS Application Security Analyst will support the execution, planning, and administration of the Vulnerability Management function within Information Security (IS). The Vulnerability Management Analyst executes core processes in the vulnerability management program focused on vulnerability assessments, penetration testing and social engineering. Additionally, they will support the remediation of vulnerabilities resident within systems to minimize the organizations' potential attack surface for exploitation.
• The Analyst will provide oversight, drive, facilitate and coordinate the management of vulnerabilities across the enterprise. The Analyst must understand underlying application code approaches in order to effectively review and respond to application security scans. While technical involvement is required, this role is not intended to perform direct remediation. The Analyst will support automated scans and may provide post-development testing assistance to validate that vulnerability remediation efforts are appropriately tested.

Responsibilities:

• Monitor and analyze vulnerability assessment data to identify and communicate technical risks to the organization
• Support the identification and impact classification for new vulnerabilities identified in the environment
• Execute and support vulnerability assessments, penetration testing and social engineering activities
• Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
• Review and interpret application security scan results with an understanding of underlying code structures to provide effective feedback
• Provide post-development testing support to ensure vulnerability remediation items are validated and tested appropriately
• Facilitate vulnerability management processes by tracking and coordinating remediation efforts across multiple teams
• Ensure timely closure of security gaps by working with application, infrastructure, and operations teams
• Support IS in achieving the vision and strategic objectives of the vulnerability program
• Conduct analysis, aggregate and report on vulnerability data from various scanning tools and platforms
• Manage and utilize IS tools such as DLP, Code scanner, external security profile, etc. to analyze gaps in security controls
• Participate in the IT SDLC program to ensure that security is included in project by default and by design
• Develop strong working relationships with other departments and potentially clients across the organization to ensure a high degree of security compliance client satisfaction
• Assist with regulatory and compliance requirements, contributing to security audits, assessments, attestations, certifications and client vulnerability inquires
• Brief IS leadership on vulnerability assessment results and potential risks
• Support leadership to identify capability gaps in vulnerability management services
• Collaborate with cross-functional teams to improve security posture and embed security into existing IT and operational workflows
• Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function

NOTE: Interested Candidates can apply by sending their Updated Resume and Contact Details.

Ron Tolson

AVA Consulting

Fax:

Web: