Position : Information Security Analyst (Pittsburgh, PA)
Job Description :
Information Security Analyst (ISA) needed to develop and maintain software security assurance (SwSA) processes and practices to discover and diagnose security issues throughout the SDLC and ensure SwSA processes include Security Engineering reviews on the application system architecture. The ISA must also ensure security and consistency of application across the various software development teams and throughout the Software Development Life Cycle (SDLC) using industry-proven techniques and tools that increase software security. The ISA must continually assess and improve the security activities within SDLC processes to meet the changing risk landscape. The ISA must review and update coding guidelines to ensure secure coding standards to be incorporated to SDLC to minimize security flaws in application software. The ISA must work with project teams and software developers to analyze software applications and identify security vulnerabilities across a variety of programming languages and document the SwSA assessment findings and work with project team and developers to identify mitigations to address the security issues. The ISA must also develop and implement security controls in RFID technology products to meet policies and regulatory requirements and ensure secure transmission controls between applications and servers, carry out physical security controls on RFID technology products using the latest encryption software and conduct penetration testing on RFID technology products prior to release.
Bachelor’s degree or higher in Computer Science, Information Technology, Computer Engineering or closely related degree with coursework in Software Engineering and Computer Security. Minimum one-year experience working with RFID technologies, IoT systems and with HIPAA and ISO 27001 regulatory requirements on IT security.