Information Security Programming Analyst

Responsibilities:

• Conduct thorough code reviews and vulnerability scans to identify weaknesses in existing software and infrastructure. Use tools such as Nessus and Qualys for systematic analysis.
• Prioritize identified risks based on their severity and potential impact on business operations, presenting actionable remediation strategies to leadership.
• Evaluate third-party software and APIs for compliance with security protocols and ensure they meet organizational standards before integration.
• Manage the deployment of secure authentication systems, such as multi-factor authentication (MFA) or single sign-on (SSO), to safeguard user identities.
• Collaborate with software developers to integrate security features during the software development lifecycle (SDLC), ensuring that applications meet security standards from inception to deployment.
• Assess and prioritize vulnerabilities based on exploitability and potential impact, ensuring remediation timelines are met.
• Regularly test patches and configuration changes to validate their effectiveness against identified vulnerabilities.
• Prepare periodic reports for management and stakeholders, highlighting the organization's security posture, key vulnerabilities, and actions taken to mitigate risks.
• Document and deliver detailed vulnerability assessment reports and threat analysis to technical and executive stakeholders.

Requirements:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field.
• Certifications: Relevant certifications like Oracle Cloud Infrastructure, Certified Information Systems Security Professional (CISSP), or GIAC Security Essentials (GSEC), etc.
• Experience: 1-5 years of experience in software development, information security, cloud security, or a similar role in a security operations environment.

Technical Skills:

• Proficiency in programming languages such as C#,.NET Framework,ASP.NET, Flutter, Java, or JavaScript for developing security tools and custom solutions.
• Experience with scripting languages like PowerShell, Bash, or Perl for automating tasks and managing systems.
• Proficiency in Endpoint Detection and Response (EDR) tools such as Trend Micro Vision One for advanced threat detection, coupled with strong knowledge of Security Information and Event Management (SIEM) tools like Alienvault.
• A solid understanding of cloud security concepts and platforms, including Azure and OCI Cloud.
• Experience working with database management systems such as SQL, Oracle DB, or PostgreSQL, with a focus on securing sensitive data.
• Capability to secure web applications through secure coding practices and tools such as OWASP ZAP or Burp Suite.
• Familiarity with CI/CD tools to ensure seamless integration of security measures during the development lifecycle.

Soft Skills:

• Strong analytical
• Problem-solving skills
• Attention to detail
• Effective communication.