This job board retrieves part of its jobs from: California Jobs | Texas Jobs | New Jersey Jobs

Find jobs in Pittsburgh

To post a job, login or create an account |  Post a Job

  Pittsburgh Job Bank  

Bringing the best, highest paying job offers near you

previous arrow
next arrow

Information Security Senior Analyst

Giant Eagle, Inc.

This is a Full-time position in Pittsburgh, PA posted March 10, 2021.

nnExperience Required: 5 to 10 yearsnn nnExperience Desired: Five years+ experience with open source security software and information security specific tools.nn nnEducation Required: Bachelors Degreenn nnCertification or Licensing Desired: CISSP, GIAC, CISAnn nnTravel Required: Regional
– Daily, Less than 10%nn nnJob Responsibilitiesnn nnDesign network and application vulnerability assessment programs and testing methodologies.nn nnPerform technical risk assessments for enterprise systems and report gaps and remediation actions.

Analysis includes automated testing using standard tools as well as manual testing and interrogation of web-based applications.nn nnDesign and configure Intrusion Prevention Systems and passive Intrusion Detection Systems.

Create and test custom signatures based on emerging threats or business needs.

Perform signature updates and reviews and tuning of sensors.

Configure automated reporting and develop escalation procedures.nn nnConfigure SIEM (Security Information and Event Management) platforms to include obtaining data from endpoints and network devices and generating reports.

Create automated workflow to address security related incidents.nn nnPerform regulatory compliance audits including SOX, PCI and HIPAA.

Report findings and advise on remediation efforts.

Assist in preparing business application owners prior to external audits.nn nnLead advisement and interpretation of emerging regulations and legal requirements.

Research, monitor and advise on emerging security threats and developments that affect business systems or network infrastructure.nn nnLead and advise on security related updates for endpoint applications and server applications, as well as vendor-supplied or proprietary security patches.

Responsible for coordination with various teams to ensure patches are deployed in a timely manner based on risk assessment to the organization.nn nnDesign and maintain various cryptographic solutions including x.509 based certificate cryptography, PGP/GPG PKI infrastructure, TLS/SSL tunneling solutions, endpoint encryption and other cryptographic solutions on multiple platforms, both at rest and in motion.nn nnPerform penetration testing on multiple platforms and network environments including wireless (RF), wired, physical, social and the like, following frameworks such as the OSSTMM and ISSAF.nn nnReview firewall rules and access control lists for appropriate access this may include port and protocol analysis to best determine scope of access rules.nn nnAssist in creating and maintaining information security policies, including technical and administrative policies.nn nnHave availability for 24/7 rotational support.nn nnConduct research on new security technologies and products, both open source and vendor proprietary.nn nnGiant Eagle, Inc.

is pleased to be an equal employment employer: Women/Minorities/Veterans/Individuals with Disabilities.nn