CISSP Jobs - Security Assurance Analyst, 14651

at Apex Systems
Location Miami, FL
Date Posted November 8, 2019
Category Default
Job Type Full-time



Full JD:

We are currently seeking a Security Assurance Analyst! This role is an individual contributor role with accountability for researching, preventing, detecting, and recommending remediation to security vulnerabilities at the infrastructure and application layers. The resource supports developing and maintaining an integrated Secure Software Development Lifecycle, protecting the integrity, confidentiality, and availability of corporate applications. 

Essential Functions:

  • Perform web application security testing (includes dynamic and static code scanning, DB Scans) to identify vulnerabilities and security risks on web/non-web applications and back-end databases and collaborate with diverse IT and business teams to assist in the remediation efforts in a risk-prioritized, effective, and efficient fashion.
  • Provide application vulnerability assessments and reports to Carnival applications, identifying weaknesses and vulnerabilities with the system and proposing countermeasures.
  • Conduct security analysis and vulnerability testing on network, application, and infrastructure components; conduct root cause analysis and work across IT and business teams to develop solutions that address root causes.
  • Re-test fixed vulnerabilities and publish test results in formal security reports and dashboards for teams and management.
  • Collaborate closely with the Security Operations, Compliance, Web Development, DevOps, and other operations teams to ensure appropriate response to security findings.
  • Manage false positive reviews and exception form preparation. Coordinate with vendor support teams for escalated reviews, as needed.
  • Handle web application vulnerability management process, which includes: scoping, vulnerability scanning, penetration testing, reporting, ticket administration, false positive reviews, exception reporting, and remediation follow-up tasks.
  • Recognize and identify potential gaps in areas where existing data security policies and procedures require changes, or where new ones need to be developed, especially regarding future business expansion. 
  • Monitor security-related websites and e-mail distributions to possess knowledge of common exploits, vulnerabilities and countermeasures.  Escalate any high risk security threats to Information Security Management.
  • Assist in implementation of corporate security policy functions/procedures that align to security mandates/standards that include Sarbanes-Oxley, HIPPA, and PCI compliance.

Minimum Qualifications:

  • Bachelor’s degree preferred
  • Security-related certifications (CISSP, CEH, GIAC GXPN, GPEN, GWAPT, GCIH) a plus
  • Industry recognized technical certification desired (MCSE, CCNA, CISSP, CISA, Security+)
  • 3 to 5  years’ experience within web application security

Please send all resumes and contact information to John Edwards: [Click Here to Email Your Resumé]

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178

Drop files here browse files ...