5130 Hacienda Drive Dublin, CA 94568
Position: Security Analyst
Location: Dublin, CA
Contract to Hire
Bayside Solutions is looking for a Security Analyst for their direct client.
The Security Analyst works directly with IT project teams as the security subject matter expert to provide information security recommendations and guidance in order to identify, manage, and mitigate security risks. The position is also responsible for validating security requirements adherence, evaluating security services and technologies, and develops information security policies and procedures. The Security Analyst is also responsible for performing host and vulnerability assessment, managing change requests thru change management process, performing vendor risk assessments and ensuring company compliance with all applicable laws, rules and regulations.
Responsible for identifying and establishing project security related requirements, providing guidance and ensuring that security requirements have been captured, designed, built and validated prior to the deployment of the new/enhanced capabilities.
Interprets information security policies, standards, and other requirements in order to ensure proper adherence and implementation.
Develops use cases for project related penetration testing in alignment with the security requirements objectives
Lead the execution of project related penetration testing, source code security review and host security certification activities
Develops system, database or network device minimum security baselines and automated scripts use for host security certification
Manage and maintain security related tools used to perform host security certification and vulnerability management
Performs research and evaluation of various methods to secure systems, networks, databases, and business applications in support of the project deliverables, related services, and other IT organizations
Contributes to the security enhancement of the Systems Development Life-Cycle (SDLC) and the Threat and Vulnerability Management programs
Creatively and independently recommends resolution to security related problems
Develop technical reports, metric reporting and/or security related presentations
Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy, so that the company is warned in advance and is ready to be fully compliant with these requirements.
At least three years of Information Technology Security
Bachelor degree preferred or equivalent combination of education and relevant experience
CISSP (Certified Information Systems Security Professional) preferred
Demonstrated experience and subject matter knowledge in information security for applications, web architectures, operating systems, databases, and networks.
Working knowledge of UNIX and Windows
Firewalls, VPN, PKI, IPS, Wireless, IPT
Oracle, MS SQL