Applications Security Analyst job Washington District of Columbia
Applications Security Analyst job Washington District of Columbia
My Spider Scam Awareness Contacting Us F. A. Q.
 
Job Seekers
Search Jobs
Browse Jobs
Post a Resume
Job Alerts
 
Employers
Search Resumes
Browse Resumes
Post a Job

Applications Security Analyst Job



Employer Name: SpiderID: 8874539
Location: Washington, District of Columbia Date Posted: 8/14/2019
Wage: Negotiable Category: Information Technology
Job Code: 2019-08

Job Description:

Application Security Analyst


The successful candidate must be well-versed in security operations, cyber security tools, and Open Source information gathering from public and private sources. The candidate will provide operational support on expert level analysis in regards to Advanced Persistent Threats (APTs), Indicators of Compromise (IOC), Intelligence Gathering and sharing this information with other formalized partners.


Job Responsibilities



  • Supports the development of security procedures and methods to ensure the safety of information systems and to protect the system from intentional (unauthorized) or accidental (inadvertent) access or destruction.

  • Works with Web development, network administration, and corporate security teams, to actively identify, and analyze risks and develop plans that drive security improvements for the project/program.

  • Serves as a liaison between development teams and stakeholders to understand and formulate security requirements for project/program.

  • Defines, maintains, and enforces application security best practices.

  • Explains and demonstrates vulnerabilities to application owners, and provide recommendations for mitigation.

  • Conducts and coordinates vulnerability assessments of software application under development.

  • Identifies additional application security related tools, conducts tool analysis, and provided recommendations.

  • Performs and conducts penetration tests and manual/automated code reviews.

  • Trains developers and other relevant team members on Secure Code Development as well as other security protocols as needed.


Minimum Qualifications



  • Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience.

  • 5-10 years of experience as an Application Security Developer, Application Security Analyst, or equivalent.


Other Job Specific Skills



  • Gather, extract, and disseminate open source intelligence (OSINT) on threat actors targeting the VA, health care industry, government agencies in general, as well as public sector

  • Work with industry partners to gather and share intelligence. Apply intelligence to the VA network and systems to proactively identify potential cyber threats

  • Provide proactive event monitoring/event management/configuration of the following security tools for targeted threats and malicious activity including but not limited to: Splunk, Palo Alto Networks, McAfee EPO, Cisco Ironport, Netscout, Sourcefire Defense Center, Bigfix, and IBM Cognos

  • Determine if an event meets the criteria for additional cyber hunt investigation and/or constitutes a security incident subject to investigation and notify team lead or designate within 15 minutes

  • Review audit logs and identify any unusual or suspect behavior

  • Provide targeted attack detection and analysis, including the development of custom signatures and log queries and analytics for the identification of targeted attacks

  • Develop and execute custom scripts to identify host-based indicators of compromise

  • Provide advanced technical capabilities to senior leadership, including Big Data Analytics, and Predictive Intelligence

  • Provide proactive APT hunting, incident response support, and advanced analytic capabilities

  • Profile and track APT actors that pose a threat to the organization in coordination with threat intelligence support teams

  • Support the incident response process by providing advanced analysis services when requested to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling (IH)

  • Provide all VA cyber task areas with actionable intelligence and serve as the threat dissemination hub



#CJpost



Job Criteria:
Start Date:
Position Type: Full-Time Permanent
Years of Experience Required:
Education Required:
Overnight Travel:
Vacation Time:


Contact Information:
Contact Name: ASM Research Company Type:
Company: ASM Research
City:
State:
Zip:

Send ad to a friend
Report a Problem


    





© 2019 Job Spider
Privacy Policy | CC Marketing Sites | Site Map | Links