Senior Analyst, IT Business Solutions

AnalystAnalystFull TimeRemoteTeam 10,001+Since 1971H1B SponsorCompany Site LinkedIn

Location

Ohio

Posted

112 days ago

Salary

$80.5K - $103.4K / year

Bachelor Degree2 yrs expExperience acceptedEnglishCyber SecuritySDLCService NowSplunk

Job Description

• Application Portfolio Management (APM): Manage and maintain APM records (Wavemark, MarginAnalysis), ensuring data accuracy. Track APM resiliency deadlines and update relevant systems (worksheets, ServiceNow). Monitor Archer dashboards for upcoming deadlines and past-due remediations. Facilitate status calls with stakeholders regarding application resiliency, exemptions, and remediation. Collaborate with IT and business teams for APM record updates and reporting. • Application Security & Compliance: Analyze security threats, vulnerabilities, and audit findings to prioritize remediation. Collaborate with product management and development teams to plan and schedule security fixes that align with business objectives. Support the integration of application logs into the SIEM and develop monitoring and alerting systems to detect potential application attacks and resiliency issues. Develop and implement testing/validation processes for security system effectiveness. Ensure adherence to enterprise security processes, business, regulatory, and legal requirements. Assist in security incident response using SIEM and other detection platforms. Review policies, procedures, system designs, and security controls against frameworks (e.g., NIST Cybersecurity Framework). Support implementation and configuration of application security tools. Monitor and ensure compliance with established application security standards. Assist the Incident Response team with application security investigations. Develop custom tools to help software teams embed security into their development processes when off-the-shelf solutions are unavailable.

Job Requirements

2-4 years of experience, preferred
Bachelor's degree in related field, or equivalent work experience, preferred
Knowledge of SDLC and DevSecOps concepts such as CI/CD pipelines preferred
Experience with common application security controls including WAF preferred
Understanding of standard security control frameworks, including NIST Cybersecurity Framework (800-53) preferred
Strong analytic, troubleshooting skills; can problem solve, organize, and manage multiple tasks and projects in a health information system environment preferred
Able to stay objective and independent when completing assignments and consistently demonstrate the ability to hold information in confidence preferred
Ability to learn new software and hardware packages and adapt to changes in technology preferred
Strong technical, process, and interpersonal skills to effectively analyze information systems, research and validate risks preferred
Knowledge of common patterns for AuthN and AuthZ preferred
Experience in understanding SCA/SAST scan results and working with development teams to establish remediation plans preferred
Experience in creating dashboards in Splunk, Rapid7 or other equivalent tools to measure and guide application security work preferred
Experience with Veracode preferred
One or more Information Security Certifications preferred: CISSP, CISM, CCSP, CISA preferred.