Information Security Analyst - III at The Judge Group Inc.

Posted in Other 12 days ago.

Location: Chicago, Illinois





Job Description:

Location: REMOTE

Description: Our client is currently seeking a Information Security Analyst - III/ REMOTE (EST)


Description Looking for a Product Security Penetration Tester/Engineer to join our team.
This candidate will be responsible for ensuring the adoption of the product security framework within our product business unit in order to improve the security of products and solutions.


This individual will work with a cross-functional team to improve the design and development of our products, including but not limited to devices, software and cloud infrastructure.


The role will include overarching product security activities within the business portfolio of products; such as product security risk assessments, remediation planning, awareness/training, incident response, and strategic initiatives.


In addition, this individual will design and execute formal penetration testing of existing and future products in collaboration with our corporate product security engineering team.



JOB DUTIES: Perform formal penetration testing of products and solutions, including remediation planning and solution identification Perform Threat Modeling & Vulnerability Management process and tools for all developed products/services/solutions Research, document and discuss security findings with management and product management teams


Perform design and implementation security reviews for all products and ensure adoption of product security framework and policies


Provide feedback and verification of remediation for the identified vulnerabilities


Provide clear and concise reporting of vulnerabilities and defects with potential resolutions and recommendations.


Track and report adherence to product security requirements throughout software development lifecycle, pre- and post-commercialization


Propose and evaluate innovative new security features that could benefit our products


Develop technical solutions to address security weaknesses and collaborate with relevant stakeholders to effectively implement them in our products Assist with security incident response as needed May perform other duties as identified



MUST HAVE SKILLS:



Expertise in conducting application security assessments covering threat modeling, design reviews, project management and in-depth implementation audits.


A minimum of 2 to 5 years of industry experience in security and development Solid foundation in formal penetration testing, ethical hacking of embedded systems, web applications and complex networked system


Demonstrate knowledge of product security requirements and secure coding standards, e.g., NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT, and MS Secure Coding Standards



DESIRED SKILLS:


Demonstrates thorough abilities and/or a proven record of success in the following areas:


- Engaging business and technology stakeholders at all levels to gather long term goals and requirements;


- Demonstrating hands-on engineering experience with enterprise security technology;


- Contributing to a central technology service organization;


- Navigating a matrix organization; and,


- Collaborating with multiple stakeholders across functional and technical skill sets.



EDUCATION/CERTIFICATIONS: Ideal candidate will have BS or MS in Computer Science, Information Security or equivalent experience, Offensive Security Certified Expert (OSCE) or an Offensive Security Certified Professional (OSCP)




Contact: spandey02@judge.com


This job and many more are available through The Judge Group. Find us on the web at www.judge.com
More jobs in Chicago, Illinois


Chubb

RetailData

Mariano's
More jobs in Other


Nou Systems Inc

Nou Systems Inc

Nou Systems Inc