Think of yourself as someone who will do the application of design reviews, security testing, critical code reviews, remediation and mitigation of audit findings in adherence to standards and safe practices , so not just anyone is qualified for this role! We make sure we get the best of the best, after all, we are a ridiculously good company so we make sure our employees are top notch.
So come on, now we need your full concentration because itâs time to imagine what itâs like being a ISBI Security Analyst.
Imagine yourself going to work with one thing on your mind : you will work in support of the Information Security, Applications Development team, and business units In threat modeling on new and existing products and features to help guide security activities, suggesting preferred implementation patterns and identifying areas of security risk for scrutiny.
identify security flaws and suggest remediations based from OWASP and other secure SDLC standards and frameworks.
As an ISBI Security Analyst, you will help architect solutions that are inherently secure (Designing, Threat Modeling, Prototyping).
You will correctly balance security risk and product advancement. You will provide engineering designs for new software solutions to help mitigate security vulnerabilities.
You will implement, test and operate advanced software security techniques in compliance with technical reference architecture.
You will perform ongoing security testing, technical assessments and code review to improve software security. You will conduct research on emerging practices, services, protocols, and standards in support of system security and compliance enhancement and development efforts.
You will assist the development and maintenance of security operations procedures and processes, as well as work with the business units outside of InfoSec to formally document policies and procedures.
You will recommend and support deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect / remediate compromises.
You will work with security engineers for the optimal configuration of network and host-based security platforms in line with compliance and product requirements.
You will provide incident response support as needed in response to information security related events. In the event of security incident response, participate in the analysis, troubleshooting, and investigation of security-
related, information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.
You will evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations.
You will performs other duties as assigned.
So, do you have what it takes to become an ISBI Security Analyst?
153;s degree in MIS / Computer Science or Business and / or a combination of education and relevant experience . We also need someone with 3 years of demonstrated application security experience .
Someone with detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation.
Someone with strong demonstrated knowledge of web protocols and an in-depth knowledge of Linux / Unix / Windows tools and architecture .
Someone who demonstrated software development proficiency and comprehension of algorithms and processes for programmatic automation via scripting or programming languages (Python, Ruby, shell, perl, etc.
Someone with a well-rounded background in host, network and application security
What else? We need someone with sound technical writing, documentation, and communication skills. Someone with strong understanding of enterprise, network, system and application level security issues.
Someone who has an understanding of the system hardening processes, tools, guidelines and benchmarks. Someone who has candidate should have good Project Management skills with the ability to self-
starter projects. Someone who has the ability to handle sensitive and / or confidential material and information with suitable discretion.
Someone with excellent interpersonal skills and a professional demeanor. Someone who has the ability to travel up to 20% internationally and domestic.