IT Security Analyst (OCI-Oracle Cloud) - Remote
RemoteWorker US
- Unable to sponsor | Must have green card or citizenship * This IT Security Analyst will identify and assess security risks, analyze security data, and develop and implement security strategies to protect an organization’s technology infrastructure and data. Primary duties and responsibilities will be to perform code reviews for .NET/SQL Windows environments hosted in Oracle Cloud. You'll perform vulnerability scans and answer security questionnaires as we are a heavily audited environment. Also, you'll create and maintain protocols, processes, and procedures to guard against cyber threats, unauthorized access, and data breaches. In addition, will collaborate with IT, security team, and business members to architect and deploy new information security technologies. You will also assist in supporting the Compliance and Audit Program. Duties: Assist in the execution of information security strategies. Perform API, Web Service, Web Application and Microservice security testing. Perform manual code reviews for C#.NET, JavaScript, and SQL for Windows in an Oracle Cloud (OCI) environment. Write requirements for vulnerability remediation. Perform architecture security assessments and vulnerability scans, and work with IS teams to ensure remediation. Develop and maintain security threat models. Assist in responding to external security assessments and customer security questions. Formulate, implement and monitor security technologies and controls. Perform third party and open source software security reviews and maintain approved software inventory. Assist in all areas of security during security incident response including maturing people, process and technology. Assist in the coordination and delivery of security awareness training as required. Make recommendations for enhancing data systems security. Monitor security systems (i.e. IDS/IPS, SIEM, AV, WAF, etc.) and ensure proper escalation and resolution of alerts are met. Requirements: 3-5 years systems experience, with ORACLE CLOUD (OCI) environment required ISO 27001, SOC2 and/or HITRUST framework experience preferred Knowledge of OWASP Top 10 and SANS Top 25 Manual code reviews in C#.NET / Windows Experienced in Secure SDLC implementation and best practices Previous experience as a DBA, Developer, System Administrator, Web Server Administrator Current information security certification (e.g., CISSP, Security +, CEH, OSCP, GCIA etc.) HIPAA Privacy and Security Rule knowledge required Experience with using Ansible, Python, Linux, AWS, JIRA and Confluence a plus Experience with vulnerability assessments and vulnerability scanning tools