Information Security Analyst

Pittsburgh, PA

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Mid-level / Intermediate USD 80K - 150K * ^est.

Innovative Systems

Posted 11 hours ago

INFORMATION SECURITY ANALYST

Innovative Systems, Inc., headquartered in Pittsburgh, PA, has an Information Security Analyst position responsible for supporting and enhancing security across infrastructure, coding, SaaS platforms, business continuity, disaster recovery, and policy implementation. Specific duties include: (i) implementing vulnerability management tools such as Microsoft Defender for Cloud, information security policy creation, and security framework adherence (SOC2, ISO27001, PCI); (ii) leading the company’s SOC2 Type 2 program; (iii) addressing security queries from clients as part of RFP and client’s annual vendor management assessment; (iv) maintaining and enforcing security policy and practices across the company; (v) monitoring and responding to security alerts in SaaS and corporate environments; (vi) generating and acting on security metrics to improve security postures; (vii) providing coding security advice across all product lines aligned with OWASP; and (viii) assisting with code remediation and SaaS platform vulnerabilities identified in penetration tests.

This is a hybrid position with the ability to telecommute two (2) days per week with appropriate telecommuting systems; the remote worksite must be within commuting distance of Pittsburgh, PA for three (3) in-office days.

Must have a master’s degree (or foreign equivalent) in Cybersecurity Operations and Control Management, Cybersecurity Policy, or Cybersecurity Technology plus three (3) years of experience in a cybersecurity software development, engineering, and/or cybersecurity product development role in an industry that adheres to high regulatory compliance and financial standards.

Experience must include three (3) years with each of the following: (i) coding in .NET and C; (ii) developing REST and SOAP APIs; (iii) implementing secure coding practices (OWASP); (iv) mitigating code vulnerabilities (SQL injection and XSS); and (v) using authentication libraries (MSAL and JWT) and encryption methods (TLS and AES).

Must also have two (2) years of experience with Microsoft ecosystem security activities (including Intune, Defender, and Purview).

Experience can be concurrent.

Apply online at innovativesystems.com

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats: 0 0 0

Category: Analyst Jobs

Tags: AES APIs C Cloud Compliance Encryption ISO 27001 Monitoring OWASP RFPs SaaS SOC 2 SQL SQL injection TLS Vendor management Vulnerabilities Vulnerability management XSS