Information Security Analyst

Job Responsibilities:

• Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices.
• Support administration of local and vendor managed security solutions for MTS environment.
• Analyze security threats, vulnerability assessments, and audit results to recommend security solutions that enable business objectives.
• Work with Application Engineering teams to ensure public access applications are designed and implemented with necessary security controls.
• Work with the Application Engineering teams to ensure Static Application Security Testing is performed as part of CI/CD. Provide guidance on remediation.
• Conduct Dynamic Application Security Testing. Review findings and engage Application Engineering teams for remediation.
• Review and improve Access Management & Controls.
• Collaborate with other teams to support response efforts to security-related findings or concerns.
• Report on incident response metrics and provide assessment reports.
• Continuously improve the organization’s security stance and framework.
• Help to develop and maintain Security Best Practices manual/portal.
• Assist with the organization’s security awareness training program.
• Participate in the design and implementation of policies, procedures, standards, tools, and methodologies.
• Work with Security Operations Center to analyze and respond to alerts from automated logging, monitoring tools. Review and update the incident response and disaster recovery plans as needed
• Maintain up-to-date knowledge of the Information security industry, including awareness of new or revised security solutions and improved security processes.
• Keep a keen watch for new vulnerabilities and exploits and execute documented incident response procedures to deal with them.