The job below is no longer available.

Hours: Full-time, Part-time
Location: Pittsburgh, PA
Pittsburgh, Pennsylvania

About this job

The Senior Information Security Analyst is responsible for strategic information security infrastructure design, policy creation, and similar areas of enterprise information security. The Senior Information Security Analyst is also tasked with technical and administrative security review of IS projects and initiatives with the business units.

Requirements

  • Design network and application vulnerability assessment program and testing methodologies. Perform technical risk assessments for enterprise systems and report gaps and remediation actions. Analysis includes automated testing using standard tools as well as manual testing and interrogation of web-based applications.
  • Design and configure Intrusion Prevention Systems and passive Intrusion Detection Systems. Create and test custom signatures based on emerging threats or business need. Perform signature updates, reviews, and tuning of sensors. Configure automated reporting and develop escalation procedures.
  • Configure SIEM (Security Information and Event Management) platforms, including obtaining data from endpoints and network devices and generating reports. Create automated workflows to address security-related incidents.
  • Perform regulatory compliance audits including SOX, PCI, HIPAA. Report findings and advise on remediation efforts. Assist in preparing business application owners prior to external audits.
  • Lead advisement and interpretation of emerging regulations and legal requirements. Research, monitor, and advise on emerging security threats and developments that affect business systems or network infrastructure.
  • Lead and advise on security-related updates for endpoint applications and server applications, as well as vendor-supplied or proprietary security patches. Responsible for coordination with various teams to ensure patches are deployed in a timely manner based on risk assessment to the organization.
  • Design and maintain various cryptographic solutions including X.509-based certificate cryptography, PGP/GPG PKI infrastructure, TLS/SSL tunneling solutions, endpoint encryption, and other cryptographic solutions on multiple platforms, both at rest and in motion.
  • Perform penetration testing on multiple platforms and network environments including wireless (RF), wired, physical, social, and the like following frameworks such as the OSSTMM and ISSAF.
  • Review firewall rules and access control lists for appropriate access; may include port and protocol analysis to best determine scope of access rules.
  • Assist in creating and maintaining information security policies, including technical and administrative policies.
  • Availability for 24/7 rotational support.
  • Conduct research on new security technologies and products, both open source and vendor proprietary.
  • Little or no financial or budgetary responsibility. Amount of Budgetary Responsibility: $0
  • None