"Alerted.org

INFORMATION SECURITY ANALYST

Innovative Systems, Inc., headquartered in Pittsburgh, PA, has an Information Security Analyst position responsible for supporting and enhancing security across infrastructure, coding, SaaS platforms, business continuity, disaster recovery, and policy implementation.  Specific duties include: (i) implementing vulnerability management tools such as Microsoft Defender for Cloud, information security policy creation, and security framework adherence (SOC2, ISO27001, PCI); (ii) leading the company’s SOC2 Type 2 program; (iii) addressing security queries from clients as part of RFP and client’s annual vendor management assessment; (iv) maintaining and enforcing security policy and practices across the company; (v) monitoring and responding to security alerts in SaaS and corporate environments; (vi) generating and acting on security metrics to improve security postures; (vii) providing coding security advice across all product lines aligned with OWASP; and (viii) assisting with code remediation and SaaS platform vulnerabilities identified in penetration tests.

This is a hybrid position with the ability to telecommute two (2) days per week with appropriate telecommuting systems; the remote worksite must be within commuting distance of Pittsburgh, PA for three (3) in-office days.

Must have a master’s degree (or foreign equivalent) in Cybersecurity Operations and Control Management, Cybersecurity Policy, or Cybersecurity Technology   plus three (3) years of experience in a cybersecurity software development, engineering, and/or cybersecurity product development role in an industry that adheres to high regulatory compliance and financial standards.

Experience must include three (3) years with each of the following: (i) coding in .NET and C; (ii) developing REST and SOAP APIs; (iii) implementing secure coding practices (OWASP); (iv) mitigating code vulnerabilities (SQL injection and XSS); and (v) using authentication libraries (MSAL and JWT) and encryption methods (TLS and AES).

Must also have two (2) years of experience with Microsoft ecosystem security activities (including Intune, Defender, and Purview).

Experience can be concurrent.

Apply online at innovativesystems.com

Powered by JazzHR