Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Tenable Security Analyst

Expired Job

Softworld, Inc. Information Technology Services Atlanta , GA 30301

Posted 5 months ago

Security Analyst Tenable

Softworld Inc s Client is seeking a Security Analyst Details Below:

Duties and Responsibilities:

Scanning, and reporting on 1000 plus devices utilizing Tenable SecurityCenter
Develop and enhance documentation for the implementation and maintenance of local appliances
Create and manage reporting on environment activities and actions
Conduct vulnerability and compliance scans for system analysi
Provide guidance to client as well as internal delivery team on Risk Management, Governance & Privacy.
Work with the solution team in privacy, risk & compliance solution and provide technical guidance on program optimization.
Liaison with the client team in finalizing the workflow and design of Governance, Risk & Privacy management application.
Documentation of technical, functional documents and user training manuals
Participates in client steering committee meeting and provide reports on functions implemented and updates on solutions
Ensure that all incidents related are resolved within defined SLAs
Training client executives on internal control frameworks
Software license forecasting & liaison with vendors
Forecasting and capacity management for application underlying infrastructure
Core skills:

Extremely proficient with Tenable SecurityCenter
Experience with standards (such as ISO: 9000, ISO: 27001, ISO; 20000, NIST, ITIL V3.0, etc) and Frameworks (such as COBIT, COSO, etc.)
Open to learning and working in new domains and technology.
Good written and spoken communication skills.
Education

BS/BA degree from accredited university
Experience

Five or more years of related work experience
Training Requirements

One or more certifications in information security (such as CISSP, CISA, Sec+, etc)


upload resume icon
See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Application Security Analyst

Mckesson Corporation

Posted 2 weeks ago

VIEW JOBS 1/3/2019 12:00:00 AM 2019-04-03T00:00 Current Need This position will be responsible for driving application security strategy in all phases of the Software Development Life Cycle (SDLC). The role will set the strategy, provide guidance, and advocate for secure service delivery inside McKesson Enterprise. They will also partner with Business Unit, Technology, and Risk Management leadership to ensure solutions are delivered with security and functionality in mind to help drive business for McKesson. Position Description This position is part of McKesson's Information Security and Risk Management (ISRM) team and is responsible for building and promoting secure application development processes across the enterprise for all McKesson business units. As a McKesson Sr. Application Security Analyst, you will work cross-functionally to identify, remediate, and respond to threats that may arise against our web| mobile| and API applications. Experience integrating multiple security tools and products into existing CI/CD pipelines and the ability to quickly locate and understand the impact of a vulnerability is required. You will be a key part of developing and implementing systems to perform early vulnerability detection and attack surface mitigation. Understanding vulnerability analysis, threat-modeling, and being able to perform targeted penetration testing against internal systems will be key to being successful in this position. This is a hands-on role that involves evaluating and enforcing application security in all phases of the Software Development Life Cycle (SDLC). This position will work closely with our development teams to define the application security best practices, perform software architecture and design reviews, conduct white box security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms. Responsibilities * Integrate application threat modeling, security tools, standards, and processes into the product lifecycle * Oversee the implementation of Secure Development Lifecycle (SDL) processes across development teams * Articulate risk and business impact to stakeholders * Ability to convey the urgency and need to remediate vulnerabilities commensurate with the risk it presents to McKesson * Develops and maintains vulnerability and response artifacts systematically to produce metrics that can measure the overall program maturity and progress. * Creates visibility and awareness at appropriate level including executive leadership teams, CISO and other on vulnerabilities that require attention * Synthesis required information for risk articulation * Demonstrates ability to strike a balance between strategic and tactical activities required to run the vulnerability response and remediation efforts * Cultivates the practice of staying abreast on latest trends and developments in vulnerability response and remediation activities followed across industry. * Actively reviews public and private vulnerability notifications/disclosures, consumes research findings and prioritizes remediation efforts. * Research exploit techniques and mitigation strategize * Lead coordination efforts between technology stakeholders and ensure high-quality and accurate reporting and tracking. Evolve internal tools and processes that manage the inspection, remediation, assurance measuring lifecycle activities of IT technologies operated and managed by organizations responsible to McKesson Enterprise. * Build relationships and become a trusted advisor with BU and technology owners to influence change and drive ownership and accountability. Minimum Requirements 6+ year's experience in administering security controls in an organization Critical Skills * Experience with HTML and JavaScript along with a solid understanding of HTTP protocol * Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.Net * Thorough understanding of industry and commonly adopted secure standards, practices (e.g. applicable NIST standards, CIS, ISO, OWASP, SANS, BISMM, and CERT) * Administration experience with any of the following: Veracode, Synopsys, Sonarqube, Sonatype, and other security inspection and analysis solutions. * Experience with automated and manual penetration testing * Participate in strategic planning with regards to program development * Assist with program assessments ensuring programmatic goals are well documented * Expert knowledge of information security principles, web applications and a level of familiarity with malicious code and common techniques used by hackers * Knowledge of cloud-based infrastructures/software and how they affect security needs. * Experience implementing security practices in CI/CD environment * Experience using Agile software development and project management. Experience with Scaled Agile Framework (SAFe) Additional Knowledge & Skills * Knowledge of microservices architectures * Experience conducting secure code development training * Knowledge regarding healthcare IT * Consulting background * Experience in large highly segmented and regulated organizations * Experience interacting with security vendors and customers * Self-motivation and the ability to work under minimal supervision are a must * Excellent at multitasking, and open to constant learning * Energetic and positive attitude * Excellent problem solving and analytical skills; outstanding oral and written communication skills Education 4-year degree in computer science or related field or equivalent experience Certifications/Licensure Any of the following preferred but not required: GWAPT, GPEN, GXPN, OSCP, CISSP Physical Requirements General Office Demands McKesson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to Disability_Accommodation@McKesson.com. Resumes or CVs submitted to this email box will not be accepted.Current employees must apply through internal career site.Join us at McKesson! Mckesson Corporation Atlanta GA

Tenable Security Analyst

Expired Job

Softworld, Inc. Information Technology Services