. Security Analyst

Heliopolis - Egypt

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

Job Summary
The Sr. Information Security Analyst supports the organizations overall Information Security including Cybersecurity posture and culture. The Sr. Information Security Analyst will require both strong technical and interpersonal skills to effectively analyze information systems research and validate alerts and operate security tools for monitoring the MTS this hands-on role the incumbent must make well-executed judgments in developing and deploying solutions as part of Application Security. This individual will be required to coordinate with members of other internal IT teams service vendors and stakeholder groups to ensure the efficient timely delivery of security recommendations.

Responsibilities

Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices.
Prepare Threat Models for Application security and recommend mitigations.
Support the administration of local and vendor-managed security solutions for the MTS environment.
Analyze security threats vulnerability assessments and audit results to recommend security solutions that enable business objectives.
Work with Application Engineering teams to ensure public access applications are designed and implemented with necessary security controls.
Work with the Application Engineering teams to ensure Static Application Security Testing is performed as part of CI/CD. Provide guidance on remediation.
Conduct Dynamic Application Security Testing. Review findings and engage Application Engineering teams for remediation.
Provide security information assurance subject matter expertise support throughout the SDLC.
Review and improve Access Management & Controls.
Collaborate with other teams to support response efforts to security-related findings or concerns.
Report on incident response metrics and provide assessment reports.
Continuously improve the organizations security stance and framework.
Help to develop and maintain Security Best Practices manual/portal.
Assist with the organizations security awareness training program.
Recommend and participate in the design and implementation of policies procedures standards tools and methodologies.
Work with Security Operations Center to analyze and respond to alerts from automated logging monitoring tools. Review and update the incident response and disaster recovery plans as needed
Maintain up-to-date knowledge of the Information security industry including awareness of new or revised security solutions and improved security processes.
Keep a keen watch for new vulnerabilities and exploits and execute documented incident response procedures to deal with them.

Qualifications

5-7 years of experience working in IT and
5-7 years of experience in Information Security.
Familiar with OWASP Top 10.
Familiar with Threat Modeling tools/process.
Familiar with SAST and DAST tools/processes.
Familiar with Identity and Access Management IGA and PAM.
Familiar with DevSecOps CI/CD.
Familiar with security best practices of IT networks.
Familiar with security best practices of public or private clouds.
Familiar with NIST SP 800-53 CSF.
Experience managing security service providers to complete regular duties.
Experience leading other team members.

Strong knowledge of industry standards and best practices for Information Security
Ability to set and manage priorities judiciously
Excellent written and oral communication skills
High Emotional Intelligence (interpersonal skills)

B.S. degree in Computer Science or related technical discipline or any other college discipline with additional 2 years of Information Security experience and CISSP certification.

Certifications such as CISSP GCIH OSCP ISO 27001 LA are highly desirable.

Required Experience:

Senior IC

Job SummaryThe Sr. Information Security Analyst supports the organizations overall Information Security including Cybersecurity posture and culture. The Sr. Information Security Analyst will require both strong technical and interpersonal skills to effectively analyze information systems research an...

Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices.
Prepare Threat Models for Application security and recommend mitigations.
Support the administration of local and vendor-managed security solutions for the MTS environment.
Analyze security threats vulnerability assessments and audit results to recommend security solutions that enable business objectives.
Work with Application Engineering teams to ensure public access applications are designed and implemented with necessary security controls.
Work with the Application Engineering teams to ensure Static Application Security Testing is performed as part of CI/CD. Provide guidance on remediation.
Conduct Dynamic Application Security Testing. Review findings and engage Application Engineering teams for remediation.
Provide security information assurance subject matter expertise support throughout the SDLC.
Review and improve Access Management & Controls.
Collaborate with other teams to support response efforts to security-related findings or concerns.
Report on incident response metrics and provide assessment reports.
Continuously improve the organizations security stance and framework.
Help to develop and maintain Security Best Practices manual/portal.
Assist with the organizations security awareness training program.
Recommend and participate in the design and implementation of policies procedures standards tools and methodologies.
Work with Security Operations Center to analyze and respond to alerts from automated logging monitoring tools. Review and update the incident response and disaster recovery plans as needed
Maintain up-to-date knowledge of the Information security industry including awareness of new or revised security solutions and improved security processes.
Keep a keen watch for new vulnerabilities and exploits and execute documented incident response procedures to deal with them.

Qualifications

5-7 years of experience working in IT and
5-7 years of experience in Information Security.
Familiar with OWASP Top 10.
Familiar with Threat Modeling tools/process.
Familiar with SAST and DAST tools/processes.
Familiar with Identity and Access Management IGA and PAM.
Familiar with DevSecOps CI/CD.
Familiar with security best practices of IT networks.
Familiar with security best practices of public or private clouds.
Familiar with NIST SP 800-53 CSF.
Experience managing security service providers to complete regular duties.
Experience leading other team members.

Strong knowledge of industry standards and best practices for Information Security
Ability to set and manage priorities judiciously
Excellent written and oral communication skills
High Emotional Intelligence (interpersonal skills)

B.S. degree in Computer Science or related technical discipline or any other college discipline with additional 2 years of Information Security experience and CISSP certification.