Information Security Analyst

Job Description

Preferred candidate profile - Experience with threat modeling frameworks, attack vectors and vulnerability analysis: CAPEC, ATT&CK, STRIDE Experience with application security controls (Web, API, Mobile, AI) Experience with common information security management and application frameworks: NIST 800-53, CSF, OWASP ASVS. Experience with Application Security design and DevSecOps Full stack knowledge of application architectures including: Single Page Applications, REST APIs, SOAP APIs, Mobile Applications. Experience with Java, Java script and mobile application development. Knowledge or familiarity with database architectures including Oracle, SQL, DB2 and NoSQL Databases Experience with Cloud security, architecture, design, implementation, and operations- Exposure to IAM Controls (OAuth 2.0, OIDC, JWT) Strong familiarity with Cryptography Controls (Data at rest, in motion).- CISSP, CISM, CSSLP, CISA, CRISC, OSCP