Senior Security Analyst - Remote

The Role

Our expert level Security Architect role within the Security department will work with the CentralSquare Development Team and other key stakeholders to develop, implement, and manage Security controls into CentralSquare's product development and DevOPS teams.

Job Duties Include:

• Work closely with Product and DevOps leadership to drive security architecture for cloud-based solutions.
• Lead the integration of Cybersecurity within DevOps to ensure the confidentiality, integrity, and availability of CentralSquare Cloud assets and infrastructure.
• Assist with Cloud implementation of the Secure Software Development Life Cycle, specifically related to program interfaces, application architecture, data protection, identity and access management.
• Manage Static and Dynamic Code analysis tools. Work with Development staff to fully integrate and utilize these tools.
• Perform risk management tasks within CentralSquare DevOps activities.
• Manage and Track all Security testing within DevOps ensuring identified vulnerabilities are mitigated in accordance with CentralSquare Cybersecurity policies.
• Implement security technologies to protect CentralSquare assets.
• Assist in bug fixes identified throughout the development lifecycle.
• Research potential attempts to compromise the confidentiality, integrity, or availability of assets.
• Collaborate laterally throughout the organization to align security strategy with business needs.
• Perform other security operations, risk and regulatory compliance duties as assigned.

Requirements:

• Bachelors in a related field, or equivalent experience
• 8 years' experience in Cybersecurity applications testing
• In-depth understanding of security controls as they relate to IaaS, PaaS, SaaS cloud models
• In-depth knowledge of industry standard Static and Dynamic Code analysis tools
• Knowledge of security control frameworks such as NIST CSF, ISO 27002, OWASP
• Knowledge and experience in threat mapping and the ability to champion this discipline
• Knowledge of modern programming languages used to support DevSecOps and cloud implemented applications
• CISSP, CCSP or industry-related certification desirable
• Self-motivated and well organized. Must be able to prioritize tasks and work well under pressure
• Strong oral, written, and interpersonal skills are required
• Experience working with local government agencies a plus