Sr. Remediation Analyst

Maryland Heights, MO - USA

Monthly Salary: Not Disclosed

Posted on: 6 hours ago

Vacancies: 1 Vacancy

Job Summary

Sr. Remediation Analyst
Maryland Heights MO

Job Summary:

Client is looking someone with cybersecurity auditor skill set. Someone who understands cybersecurity best practices and audit controls (primarily PCI DSS) and has the skills to perform a technical assessment of a thing to determine whether those requirements/standards/best practices are being met and can help with the technical guidance toward remediation and reporting. The candidate would need to be able to assist with documenting SOPs and configuration standards relevant to this subject matter as well. Needs to have experience in a server environment and AWS (or other public cloud). CISA or CCSP CSSP or CISSP would be a big plus but not required.

Responsibilities:

In a typical month this person will spend most of their time analyzing vulnerability and risk findings validating remediation claims and reporting on remediation progress and the remainder of their availability updating knowledge documentation learning and documenting complex procedures facilitating risk assessments responding to audit and security team requests for information submitting compliance related questionnaires regarding technical aspects of application platforms.

Some of this security analyst responsibilities include:

Creating and maintaining documentation on security related tools processes and best practices.
Collaborating with technical teams to improve observability.
Investigating security breaches and other cybersecurity incidents.
Assessing risk findings assigning them to fix teams and reporting remediation efforts and related challenges.
Gathering key information for exception requests including risk details action plans and remediation dependencies.
Partnering with security teams to improve data quality in security tools and external reports.
Clearly defining and developing new policies processes and training documents.
Hosting meetings with members of application security and leadership teams to communicate updates and changes to security postures.
Validating rendered evidence meets requirements to resolve compliance issues.
Educating application teams on security subject matter.

Work Experience

8 years in technology teams working in or around ITIL structured environments.
4 years in positions at least 50% dedicated to remediating security or compliance issues.
Experience validating technical and non-technical work to ensure requirements are satisfied.
Solid understanding of enterprise and application architecture models strongly desired including monolithic and microservice architecture. Key technologies: Unix Java JavaScript AWS.
At least 2 years as a systems engineer or software engineer or as an analyst responsible for translating business or functional requirements into technical solutions is strongly desired.
Expertise in Microsoft Excel or equivalent spreadsheet tool proficient in combining functions (.e.g. ISNA IF VLOOKUP) for data analysis.
Experience documenting in Atlassian Confluence using macros is desirable

Preferred Skills & Experience:

To be successful this person will possess a strong understanding of the wide array of AppSec and InfoSec tools protocols and best practices applicable to application platforms including their infrastructure.

This person must also be experienced in determining root cause and risk in consideration to environmental variables. Additionally this person must have experience maintaining team documentation speaking in meetings escalating issues and driving teams to deliver work.

The ideal person will have a minimum of 8 years of experience in software engineering cybersecurity and/or cyber-audit and will clearly express the following characteristics and competencies:

Must be comfortable speaking in front of audiences including technical teams and senior leaders including VPs.
Strong written communication skills with the ability to produce quality literature and technical documentation.
The ability to collaborate with technical teams to define improve and document procedures to meet compliance requirements.
Diligence in following up on action items and inquiries.
Strong knowledge in security standards and practices for both on-premises and AWS environments; CCSP CISSP or other cloud-focused application security certifications are a big plus.
Familiarity with Data Center and AWS infrastructure including data center network architectures virtualization containerization and AWS products/offerings.
Ability to perform analysis and tests to validate findings and remediation claims.
A strong knowledge of ITIL operations and agile development practices.
Experience working in a DevSecOps culture is a plus.
Experience in a software engineering or project manager role is strongly desired.

Sr. Remediation Analyst Maryland Heights MO Job Summary: Client is looking someone with cybersecurity auditor skill set. Someone who understands cybersecurity best practices and audit controls (primarily PCI DSS) and has the skills to perform a technical assessment of a thing to determine whethe...