Job Title : Cybersecurity Analyst
Duration : Full Time
Location : Secaucus, NJ
Maintain and improve web application Global Threat and Vulnerability Management process to ensure a consistent, repeatable well-defined program is in place.
Define security control requirements for the web environment and related infrastructure services to ensure that access to information, application functions, storage, networks, and data processing systems are adequately safeguarded
Perform application security testing to identify cyber risks for applications belonging to the Client
Work with the Client application/infrastructure/
service owners and support the Client to develop and track remediation of identified improvement opportunities.
Oversee the controls recertification process across web application services to ensure quality results.
Conduct cybersecurity risk assessments for the Client and provide best practices recommendations to support team risk remediation efforts.
Support the Client cybersecurity threat intelligence program. Maintain current and new reporting methods of cybersecurity intelligence analysis to peers and leadership teams for purposes of situational awareness and making cyber intelligence actionable.
Automate security threat monitoring to collect and generate tactical intelligence to uncover attacks not detected with traditional signature or rule based methods.
Administers cybersecurity intelligence process to ensure security threat information, system log information, and sources of external intelligence are combined to provide real time response to cyber events.
Experience in IT with experience in the Cybersecurity area
Ability to handle multiple priorities and deal effectively with the client senior management, staff members, and vendors.
Proficient in word processing, spreadsheet, and presentation creation tools
Experience with security related technologies including: Cyber Threat Intelligence Platform (Anomali, ThreatConnect, Recorded Future, Digital Shadows), Vulnerability Management systems (IBM App Scan, Veracode, Whitehat, Burp Suite, Rapid7 Nexpose and other pertinent cybersecurity technologies in this space.
Knowledge of Microsoft Windows, Red Hat Linux, VMware, and SAN storage platforms and network protocols
Knowledge of NIST 800-53, COBIT, ISO 27001/02
Knowledge of risk assessment methodologies to design and deliver risk assessment engagements.
CISSP, GPEN, OSCP or other relevant security certification is preferred
Intellectual Capital Development
Caresoft Inc. 220 Lincoln Blvd Suite 300 Middlesex NJ 08846
Phone: 732-903-5958 Fax: 732-875-0595