Information Security Analyst
Digital.ai, brings together the best and brightest minds from around the world to drive outcomes and revolutionize the software industry. By transforming the way enterprises create, measure, deliver, secure, and continuously improve digital products, we are able to achieve our mission of creating a digital world we can trust.
XebiaLabs, Collabnet VersionOne, Arxan Technologies, Numerify, and Experitest are now Digital.ai.
The leaders in Value Stream Management, software delivery, and application security are now Digital.ai, bringing game-changing innovation to Global 5000 enterprises. Digital.ai turns outputs into outcomes, enabling enterprises to deliver digital experiences customers trust. With unrivaled transparency, intelligence, and security, businesses can create value, fuel growth, and drive transformation like never before.
About the Job:
Candidates will need to have a strong information security background within a software development environment as well as a demonstrated ability to drive compliance efforts as they relate to security and privacy regulations.
Provide expertise and technical leadership while collaborating with security, compliance, product managers, and developers to improve security of applications, software code, and infrastructure
Develop and manage security policies, procedures, standards, and best practices
Evaluate implementation of technical controls for efficacy and compliance with established policy and best practices
Monitor networks for security breaches and investigate a violation when one occurs
Report on security breaches and the extent of the damage caused by the breaches
Conduct tests and scans of technical infrastructure and systems to identify technical vulnerabilities
Research the latest information technology (IT) security trends
Recommend security enhancements to management or senior IT staff
Respond to information security, privacy, and compliance inquiries
Participate in certification process for security and privacy related regulations or standards
Assist with communication and awareness efforts with internal audiences as they relate to security and privacy
Collaborate with contractors assisting with execution of any related work efforts
Perform all other duties as assigned
Extensive experience working with major cloud environments (i.e. AWS, Azure)
Extensive experience with major source code repos solutions (i.e. github)
5-10 years DevOps experience in a fast moving, mid-size global organization
Experience with puppet, CI/CD processes and secure SDLC preferred
Experience in an Agile/Scrum development environment
Solid understanding of computer intrusion activities, incident response techniques, tools, and procedures
Knowledge of operating systems including Linux/Unix and Windows
Experience with security assessment tools such as NMAP, Nessus, etc. Is a plus
Familiarity with security forensics and analysis of security threats and events and able to perform vulnerability scans, analyze results and assist with remediation
Written security policies, procedures and standards for software development shop and/or SaaS provider
Ideal candidate will have experience evaluating and/or implementing security controls within a cloud environment
Experience being as a technical liaison for SOC and ISO recertification with external security auditors
Conducted & responded to audits from 3rd parties, customers, and internal audit
Supported compliance relevant security standards NIST 800-53, ISO 27001, GDPR, etc. Experience with ISO 13485 is a bonus.
Ability to think logically through complex problems to achieve technical solutions
Good oral and written communication skills, including ability to work with remote staff, auditors and customers. Good analytical skills and attention to detail. Solid teamwork with co-workers in Services, Sales, Support, Product Development and QA.
Managing complex projects from initial planning stages through execution and delivery
Positive attitude and willing to pitch in to support the team
Bachelor degree in CS or equivalent
Experience using office applications and cloud communication applications such as:
Microsoft Office 365 suite
Google Docs, Sheets, Forms, Gmail, Calendar, etc.
Atlassian’s suite of applications
Must be able to travel up to 50% domestically and globally
CISA, CISM, CISSP & PMP preferred.
Digital.ai is firmly committed to Equal Employment Opportunity (EEO). We maintain compliance with federal, state, and local laws that prohibit employment discrimination on the basis of age, race, color, gender, identity, gender expression, sex, pregnancy, national origin, ancestry, religion, physical or mental ability, medical condition, sexual orientation, marital status, citizenship status, protected military or veteran status, and all other protected classifications. We welcome everyone and believe that diversity is the foundation of innovation.
Please mention that you come from SellForThem when applying for this job.
Posted 3 months ago
Apply for this job