Senior Information Security Analyst
ASCAP
New York, NYThis was removed by the employer on 8/6/2019 4:13:00 PM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Senior Information Security Analyst jobs in New York-NY
Search all Senior Information Security Analyst postings
Full Time Job
Senior Information Security Analyst (contract)
Job Description
Reporting directly to the VP Information Technology, you'll be responsible for managing a range of security solutions and third party services that protect the enterprise systems and assets from internal/external threats. This includes on-prem data centers as well as infrastructure that has migrated to cloud service providers making up a multi-cloud footprint. You will be tasked with your own projects, some of which introduce entirely new tools and techniques for monitoring and detecting threats and anomalies in the application landscape across multiple environments. There will also be work where your knowledge of information security, application security, vulnerability management, penetration testing, threat modeling and other abilities needs to be applied to projects that the business has set for execution. Keep in mind that ASCAP is not in the business of implementing security features, but rather is in the business of implementing features securely.
Responsibilities
• Conduct technical cyber investigations with hands-on approach
• Create and improve infosec documentation and procedures
• Be comfortable writing policies and standards and reviewing them annually
• Support our cloud migration activities and projects, extending controls and monitoring that meet the business, legal and technical requirements to safeguard data and access
• Work with our vendors and partners to help them maintain their security posture
• Deliver security awareness training for the organization relevant to their responsibilities
• Orchestrate an automated vulnerability management program that identifies, confirms, tickets and tracks remediation of platform exposures to exploits and risks
• Perform audits and analysis of network, endpoint, database, cloud services and privileged identity management logs and events
• Keep abreast of industry trends, new threats and malicious actors across platforms
Key Technologies
• Qualys/Nessus scanning, Ansible playbooks, PGP/GPG keys, scripted PKI and Root Certificate Authority management, Sysinternals Suite, Burp Suite, OWASP Threat Modeling, nmap, wireshark, Kali Linux pentesting, python/perl/bash/go scripting
Qualifications
• 5 years of infosec analyst experience and incident response
• Experience with evangelizing DevSecOps tools and techniques
• Experience with AWS/Azure products and knowledge of how to secure them
• Familiar with core principles of TCP/IP networking, DNS, routing and load balancing
• Deep knowledge of several of the following areas:
• Mobile Device Management
• Anti-Virus/Endpoint Protection
• Vulnerability Management
• Penetration Testing
• Multi-Factor Authentication/SSO
• Digital forensics, hard drive imaging
• Passion for knowledge and command of technology (if you don't know three ways of abusing a tool you don't know how to use it)
• Ability to work independently as well as collaborate with others effectively
• Higher education desired, but not required
• Security certifications will be considered, but prefer qualified to certificated candidates
What We Love About You
• You love our users. You deeply understand our users and put them at the center of everything you do. You aim to serve and delight them every day.
• You do the right thing. You are respectful and act with the highest integrity. If you see something that isn't right, you say something.
• You debate it. You ask questions to understand a perspective and are comfortable respectfully challenging assumptions. You are not turned off by constructive conflict to get to the right answer.
• You own your outcomes. You set clear ambitious goals. You anticipate obstacles, persevere, and are accountable for your commitments.
• You make fast decisions. You are an effective and timely communicator. You understand how to collaborate, compromise, and escalate when needed.
• You get better every day. You welcome the gift of feedback. You never settle in your quest to grow and develop. By being here, you make our company stronger.