Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: InfoSec Jobs InfoSec Jobs

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Sr. Information Assurance Analyst
Company Eastern Bank
Location Lynn, MA
Preferred GIAC Certifications GSEC, GCIH, GCIA, GWAPT, GPEN, GCED, GCFE, GCFA
Travel 0%
Salary Not provided
URL https://easternbank.jobs.net/job/position/J3T0NW6LYH1Y4HPTY7W?utm_medium=email&SiteID=TNALERT_Weekly&utm_source=tn-job-recommendations&utm_campaign=member-scheduled-job-recs&documentId=J3T0NW6LYH1Y4HPTY7W
Contact Name Jason Lazerus
Contact Email j.lazerus/at/easternbank.com
Expires 2020-06-24

Job Description

Eastern Bank is seeking a candidate to analyze application vulnerabilities and the potential impact of those vulnerabilities to information systems and data. They will use their expertise to prioritize vulnerability remediation efforts and contribute metrics to the Enterprise Vulnerability Management (EVM) Program.

What you'll do:
Schedule, monitor, and troubleshoot application vulnerability scanning for internal customers
Provide support and resolution for scanning and vulnerability remediation related issues
Provide support to application development teams to remediate identified vulnerabilities
Interpret application scanning reports to understand exposure and identify potential business risk to prioritize remediation and mitigation efforts
Identify and resolve gaps related to Governance Risk Compliance
Provide consultancy to customers and develop standard operating procedures (SOPs) as necessary
Provide technical support for vulnerability management projects
Develop and mature operation matrix in support of overall EVM program
Possess working knowledge of security concepts in technologies that intersect with own domain
Present to team, department, and senior leaders within direct organization.

Requirements:
Significant enterprise vulnerability management experience to include application remediation activities in a large company
Strong knowledge industry standards regarding vulnerability management
Experience with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST)
Previous Secure Development Lifecycle or Application Assessment experience
Familiarity with Archer GRC tools is a plus
Extensive knowledge of networking, security architecture and system administration
Experience with scripting languages (Python, Ruby, Perl) and BI tools (Domo, PowerBI)
Good analytical skills, attention to detail and ability to methodically troubleshoot complex issues
Good analytical and negotiation skills
Good communication and presentation skills