Cyber Security Engineer - Bellevue, WA
Info-Ways
- Bellevue, Washington, United States
- Bellevue, Washington, United States
Über
Plan, execute, and manage multi‑faceted projects related to security assurance, risk management, cyber‑security, data security, application security, network security, and infrastructure/information asset protection. Review assessment progress against established goals, objectives, service level targets, and project milestones. Perform Business Impact Analysis on current and upcoming projects from a security perspective. Evaluate projects against security practices and provide a Security Architecture Score rating. Assess the efficiency, effectiveness, and compliance of operational processes with corporate security policies and related government regulations. Evaluate design documentation and perform design assessments to ensure appropriate security controls are implemented within designs. Develop reference architectures and roadmaps for program initiatives. Recommend strategies to mitigate vulnerabilities identified through vulnerability assessments and penetration tests of applications at production level and source code level (DAST and SAST). Perform vulnerability analysis of applications based on industry‑wide Application Security Threat Models such as ASF, STRIDE, and the DREAD risk assessment model. Provide technical solutions to mitigate identified vulnerabilities during threat modelling and vulnerability analysis. Conduct privacy and security policy impact security architecture assessments. Integrate ticketing systems with various technologies to track incidents and remediation holistically. Develop audit or assessment plans, audit schedules, and dashboards to track project progress. Assist audit teams in developing audit reports and present reports to top management as needed. Document the audit process for a variety of cyber security environments. Prepare effective reports and metrics to highlight project status and findings to management. Manage and develop a team of cyber security assessment professionals. Qualifications
Sound understanding of Mobile Device Management and security. Proficiency in various cyber security frameworks. Knowledge of secure coding practices to enable secure SDLC during the development phase. Experience with risk frameworks such as COSO ERM, FERMA, NIST‑RMF and security architecture frameworks including SABSA, OSA, and TOGAF 9. Extensive understanding of web application architecture and security frameworks. Deep knowledge of various application threat models and their applicability to existing and upcoming applications. Understanding of data privacy and security regulations. Experience with ISO 27001, NIST‑CSF, CIS‑CSC, PCI‑DSS, SCADA systems, and cloud security assessment. All your information will be kept confidential according to EEO guidelines.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.