Previous Job
Previous
IT Analyst IV
Ref No.: 18-07591
Location: Johnston, Iowa
Start Date / End Date: 06/18/2018 to 10/31/2019

Job Title: IT Analyst IV
Duration: 16+ months
Location: Johnston, IA- 50131

Job Description:
 
  • Provides application development and support to partner in the planning, delivery and/or support of business processes utilizing information technology and business practices for strategic business units.
  • Work is of medium to high complexity and moderate to high in risk.
  • Has expanded contact with responsibility to varied and multiple departments and functional operations, and actively participates in strategic business relationships.
  • Serves as a key team member which may include being on multiple teams and/or team lead.
  • Participates in the review and formation of processes.
  • May plan work and schedules for others for project related work.
  • Impact of decision-making is medium to high risk and impact. Serves as a consultant or expert and actively shares knowledge across workgroups.
  • Applies information analyses to optimize the integration of major strategic business processes.
  • Designs and implements complex changes impacting several processes with minimal direction.
  • Primarily performs as an individual contributor, but may supervise a small work team (6 or fewer members).
 
Duties:
 
  • Lead the Identification, analysis and selection of complex information technology and business practices to support strategic business process/plans.
  • Participates as required to design, develop, test and integrate applications of high complexity. Lead in the implementation of information technology and business processes of high complexity.
  • Supports, evaluates, and continuously improves information technology and business processes to maintain alignment with business plans of medium-high complexity and medium-high risk.
  • Leads the development and may manage a project plan and schedule for a given functional area.
  • Acquires solid foundation of project management.
  • Engages in expanded contact with varied and multiple departments and functional operations; actively participating in strategic business relationships and/or issues.

Specific Position Requirements          
 
Key Responsibilities Include:
 
  • Provide the technical guidance and partner with Client architecture, data, application and infrastructure areas to interpret security standards and derive appropriate solutions to manage risk and maintain compliance within the Client application development areas.
  • Drive Client  SecDevOps and Secure Programming practices and processes including application requirements and design reviews for improving security and assist with the interpretation, prioritization and resolution of vulnerabilities identified through code scanning methodologies.
  • Identify and support the remediation of security vulnerabilities in applications, databases, middleware, operating systems, and networks.
  • Leverage a variety of methods to identify vulnerabilities, including but not limited to scanning tools, automation tools, and data analysis.
  • Partner with delivery teams across Client IT to ensure appropriate security configurations for application development, connectivity and data exchange, middleware, etc., including participation in the development of hardening standards for cloud adoption and the application of secure coding standards to ensure confidentiality of client information and compliance with applicable standards and regulatory controls.
  • Ensure continuous improvement in the vulnerability management process by preventing vulnerabilities from being deployed to production; examples include reviewing tools and processes such as secure configuration and patch management; providing input into standards and policies; and performing retrospectives.
  • Keep current with industry trends and enterprise initiatives, to ensure that our Information Security program capabilities evolve with emerging threats, new technology capabilities, and business needs.
 
Required Skills and Experience:
 
  • 4+ years of experience in Information Security focusing on security solution design, engineering, implementation and assurance.
  • 2+ years of experience working with Information Security and IT general controls, including experience defining and documenting controls using COBIT 4.1 or 5.0, the NIST Cybersecurity Framework, the ISO 27k framework, the SANS 20 critical controls or similar experience.
  • 2+ years application security experience with corresponding SecDevOps technologies (e.g. Jenkins, GitHub).
  • Demonstrated experience with AWS security and application deployment best practices.
  • Understanding of code scanning and application vulnerability discover technologies and methodologies (e.g. DAST, SAST, penetration testing)
  • Strong knowledge of the OWASP Top 10 and other common software security knowledge indexes.
  • Understanding of the regulatory environment and experience with regulators.
  • Strong written and verbal communication.
  • Comfortable delivering tasks and assignments in an evolving and a maturing environment.
 
Preferred Skills and Experience:
 
  • Experience in Financial Services and or Banking industries.
  • Deep understanding of Information Security technologies including firewalls, IDS/IPS, Password Vaults, CASBs, SIEM, IT GRC, DLP, etc.
  • Experience with the FFIEC Cyber Security Assessment Tool.
  • Applicable certifications (e.g. CISSP, CISA, CISM, CGEIT, CRISC).


​Regards,

Jayabalaji
Sunrise Systems Inc.
Desk: (732) 313 0266
Email: jayabalaji.s@sunrisesys.com URL: www.sunrisesys.com