Senior Information Security Analyst
7 months ago
JOIN OUR WINNING TEAM AS A SENIOR INFORMATION SECURITY ANALYST
AT CARFAX WE ARE CONSTANTLY EXPANDING OUR PRODUCT AND TECHNOLOGY OFFERINGS This means we are continually bringing new, innovative products to market through exciting technology initiatives to help our customers. Come join the success in Biz Tech. As a Senior Information Security Analyst, you will be responsible for guiding technical teams in building secure products in a DevOps model. The position is targeted to enable better security as part of the software development lifecycle through simple and automated tools that are easily integrated into a developer's workflow. See if you have what it takes to join Team CARFAX
THE TECH CULTURE AT CARFAX CULTURE Having a creative and innovative environment where our developers can collaborate, learn and grow is something CARFAX is passionate about. We have an entire floor dedicated to our techies, designed specifically to enable teams to dream big and produce the best. Along with creating and maintaining awesome software you’ll also be able to participate in our quarterly Hack-a-thon’s or take a break by kicking back and playing the latest game on x-box when you need to re-boot the mind. Oh, and do you happen to have a dog? CARFAX is dog-friendly and no day goes by where you don’t have the chance to visit with one of the visiting pups. We even provide the dog beds, bowls and of course, toys
AS A SENIOR INFORMATION SECURITY ANALYST, YOU WILL:
- Technical point of contact for product teams as it relates to automation, CI/CD, and DevSecOps
- Build tools and automation scripts that enable CARFAX developers to easily consume security services
- Improve the accessibility of security through automation, continuous integration pipelines, and other means
- Evaluate and recommend products and services across the corporate security technology stack
- Research and advises on secure Cloud architecture designs to best practice
- Work with teams to identify threats and vulnerabilities by performing threat assessments
- Develop technical assessments for new technologies, 3rd party integration initiatives and provide technical support to facilitate compliance with security policies
- Develop hardened operating baselines utilizing industry standards and best practice
- Develop secure coding guidelines for personnel and provide security awareness and technical training as required
- Perform and/or analyze vulnerability scans and penetration tests to direct other parties in properly mitigating vulnerabilities
- Security incident response technical lead, performs forensic investigations to determine root causes and determine appropriate security response actions
QUALIFICATIONS:
- Bachelor's degree in computer science/related technical field or equivalent experience
- 6+ years of experience developing secure software products using TDD/Agile/XP/Lean methods
- Background in developing and release of software products in cloud, ecommerce and mobile environments
- Experience in various development tools, such as Jenkins, GitHub
- Comfortable with scripting languages, such as Python, Perl, PowerShell or others
- Familiar with common APPLICATION STACK technologies (e.g., HTTP, HTML5, AJAX, REST, JSON, etc.) and PLATFORMS (e.g., AWS, ReactJS, AngularJS, JAVA, Spring Boot, MySQL, MongoDB, Hadoop, iOS, Android, etc.)
- Familiar with containers and container management platforms including Kubernetes
- Working knowledge of core CRYPTOGRAPHY concepts (Encryption, Key Storage, Hashing, Crypto Libraries, etc.) and how they are applied and attacked in applications
- Hands-on experience with port and network scanners (Nessus, Nexpose, Nmap)
- Experience with web application scanners (Netsparker) and SAST/DAST testing platforms including Veracode
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies (Cisco ASA Firepower, F5 ASM, Sourcefire, Okta, etc.)
- Experience working with logging, alerting and file integrity monitoring tools
- Deep knowledge of common application vulnerabilities, current threat vectors and mitigations.
- Knowledge of IP protocols, networks, security architectures and security threats in an IP network
- Familiarity with IT security standards, compliance regulations and best practice frameworks (ISO 27001, ISO 27002, NIST, OWASP, SANS, SOX, ITIL, PCI DSS)
- Any of these preferred security certifications (CISSP, CSSLP, CEH, GSSP, GWEB)
ABOUT CARFAX
CARFAX, a unit of IHS Markit (Nasdaq: INFO), helps millions of people every day confidently shop, buy, own and sell used cars with innovative solutions powered by Carfax vehicle history information. The expert in vehicle history since 1984, Carfax provides exclusive services like Carfax Used Car Listings, MyCARFAX, Carfax History-Based Value and the flagship Carfax® Vehicle History Report™ to consumers and the automotive industry. Carfax owns the world's largest vehicle history database and is a nationally recognized top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Own, Sell – Show me the Carfax™. Based inLondon, IHS Markit is a world leader in critical information, analytics and solutions.
-
Information Security Analyst
2 months ago
Columbia, United States Fathom Management LLC Full timeInformation Security Analyst Seeking an experienced Information Security Analyst. The analyst will ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services. The analyst will develop and designs security solutions to maintain confidentiality, integrity,...
-
Information Security Analyst
3 weeks ago
Columbia, United States Dobbs Defense Solutions, LLC Full timeOur Mission At Dobbs Defense, we deliver mission-centric IT, Cyber, and data analytics solutions for our government and commercial clients through the convergence of automation, innovation, training, and education. Delivering high-quality IT, cybersecurity, and data analytics solutions through proven and innovative methods is our vision. Job Description ...
-
Information Security Analyst
1 month ago
Columbia, United States Dobbs Defense Solutions, LLC Full timeOur Mission At Dobbs Defense, we deliver mission-centric IT, Cyber, and data analytics solutions for our government and commercial clients through the convergence of automation, innovation, training, and education. Delivering high-quality IT, cybersecurity, and data analytics solutions through proven and innovative methods is our vision.Job Description ...
-
Senior IS Security Risk Analyst
3 weeks ago
Columbia, United States SPECTRAFORCE Full timeJob Title: Senior IS Security Risk AnalystJob Location: Columbia, SC (Min 1 day a week but could be more)Duration: 12 Months (Possibly extended) Required Work Experience: 8 years of I/T experience including 6 years of IT security, risk assessment and/or compliance experience. Successful completion of BCBSSC I/S Entry Level Training Program (ELTP) may be...
-
Senior Information Security Professional
7 days ago
Columbia, Maryland, United States Amazon Full timeAbout the RoleWe are seeking a highly skilled Senior Security Engineer to join our U.S. Amazon Dedicated Cloud Information Security team. As a Senior Security Engineer, you will be responsible for leading security reviews, facilitating code reviews, and building/enhancing cloud architectures that support security programs.This is a high-impact role that...
-
Senior IT Security Risk Analyst
2 weeks ago
Columbia, United States DP Professionals Full timeDPP is seeking a Senior IT Security Risk Analyst for an opportunity in Columbia, SC. Candidates must be eligible to earn a low-level US security clearance. Work arrangement: Onsite.W2 position; 12 monthsMust be eligible to earn a low-level US security clearance, which requires a thorough background search and US citizenship.Summary: Management of risk...
-
Chief Information Security Officer
1 week ago
Columbia, Maryland, United States iNovex Information Systems Full timeJob Title: Chief Information Security OfficerAbout the Job:This role is responsible for designing, developing, and implementing secure networking, computing, and enclave environments. The ideal candidate will have experience with Cybersecurity policy, procedures, and workforce structure.Key Responsibilities:Participate in engineering teams for design,...
-
Information System Security Manager 3
3 weeks ago
Columbia, United States iNovex Information Systems Full timeJob Brief ORANGE you glad that you chose RealmOne. Information System Security Manager (Level 3) Job Description ORANGE you glad that you chose RealmOne? RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth....
-
Information System Security Engineer 2
3 weeks ago
Columbia, United States iNovex Information Systems Full timeJob Brief ORANGE you glad that you chose RealmOne. Information System Security Engineer (ISSE) (Level 2) Job Description ORANGE you glad that you chose RealmOne? RealmOne was built on the principle that people matter first and foremost. We believe in providing a strong work/life balance by investing in our employees and encouraging professional and personal...
-
Network Security Analyst
2 days ago
Columbia, Maryland, United States InterImage Full timeNetwork Security Analyst">At InterImage, we are seeking a skilled Network Security Analyst to join our team. As a key member of our cybersecurity team, you will play a critical role in designing and implementing network security solutions to protect our information systems and infrastructure.Job Summary:We are looking for a highly motivated and experienced...
-
IT Security Compliance Analyst
2 months ago
Columbia, United States CARFAX Full timeDescription Join Team CARFAX as an IT Security Compliance Analyst The IT Security Compliance Analyst is responsible for ensuring that the organization’s information systems and practices comply with applicable regulatory requirements, industry standards, and internal policies. This role involves assessing security controls, evaluating risk,...
-
85 Security Analyst
5 months ago
Columbia, United States Focused HR Solutions Remote Work Freelance Full time $60 - $80This job is 100% on-site in Columbia, SCOur direct client has an opening for a Security Analyst 10965-1This position is up to 12 months, with the option of extension, and is in Columbia, SCCorp to Corps are NOT allowed for this client. W2 Only.DAILY DUTIES / RESPONSIBILITIES:The Security Analyst is primarily responsible for assessing and evaluating the...
-
Cybersecurity Analyst
2 days ago
Columbia, Maryland, United States Top Secret Clearance Jobs Full timeAbout the Job: As a highly skilled Cybersecurity Analyst at Top Secret Clearance Jobs, you will play a crucial role in protecting our clients' sensitive information. With a strong background in information assurance, you will plan, implement, and monitor security measures to safeguard digital files and electronic infrastructure. Your expertise in risk...
-
Senior Information Systems Security Officer
2 weeks ago
Columbia, United States DP Professionals Full timeDPP is seeking a Senior Information Systems Security Officer (ISS0) for an opportunity in Columbia, SC. Work arrangement: Fully onsiteW2 position; 12+ months Job description:The client is seeking an expert Senior ISSO to oversee (and actively participate in) the day-to-day security and compliance requirements of complex information system operating...
-
Journeyman Information Security Analyst
3 weeks ago
Columbia, United States Synergy ECP Full timeSPYROS Information & Technology Consulting, a wholly owned subsidiary of Synergy ECP. is a Service-Disabled Veteran Owned Small Business (SDVOSB), headquartered in the Baltimore-Washington corridor, established to provide unique and exceptional services to our clients in the government and national defense sectors. SPYROS specializes in providing highly...
-
Journeyman Information Security Analyst
3 weeks ago
Columbia, United States Synergy ECP Full timeSPYROS Information & Technology Consulting, a wholly owned subsidiary of Synergy ECP. is a Service-Disabled Veteran Owned Small Business (SDVOSB), headquartered in the Baltimore-Washington corridor, established to provide unique and exceptional services to our clients in the government and national defense sectors. SPYROS specializes in providing highly...
-
Journeyman Information Security Analyst
2 months ago
Columbia, United States Synergy ECP Full timeSPYROS Information & Technology Consulting, a wholly owned subsidiary of Synergy ECP. is a Service-Disabled Veteran Owned Small Business (SDVOSB), headquartered in the Baltimore-Washington corridor, established to provide unique and exceptional services to our clients in the government and national defense sectors. SPYROS specializes in providing highly...
-
National Security Analyst
2 days ago
Columbia, Maryland, United States Top Secret Clearance Jobs Full timeAbout the job: National Security Analyst (Levels I-IV)Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours.We are seeking a National Security Analyst to support core Department of Defense IC missions at various locations. As a National Security...
-
Lead Information Security Professional
7 days ago
Columbia, Maryland, United States BigBear Inc Full timeAbout Us">At BigBear.ai, we are committed to delivering exceptional AI-powered decision intelligence solutions to our customers and partners. Our team is comprised of highly skilled professionals who share a passion for innovation and excellence.">Job Summary">We are seeking a seasoned Cyber Security Engineer to join our team. In this role, you will be...
-
83-Security Analyst
2 months ago
Columbia, United States Focused HR Solutions Full time100% on site.Our direct client has an opening for an Security Analyst 11299-1.This position is up to 12 months, with the option of extension, and is in the following locations in.Please send your rate and resume. W2 only.PREFERRED EDUCATION/CERTIFICATIONS:Bachelor's in a related area or 10+ years of experience in the field or in a related area.Rate...
