Sunsoft Tech Inc is a staffing and recruiting company.
"Position: Technical Business Analyst - Application Security
Location: Philadelphia, PA
Duration: 6 Months
The Application Security Specialist in this Business Analyst (BA) role will provide technical expertise and planning assistance for the client’s Information Protection (“InfoProtect”) Programme. The incumbent must apply both broad and deep technical expertise to evaluate, develop and implement security standards, procedures and tools for multiple platforms and diverse system environments in order to limit potential risk to client over the entire computer application lifecycle.
• As a key member of the “Application Security InfoProtect Workstream,” develop thorough understanding of application risk in the regulated Pharmaceutical industry
• Evaluate best “Secure Development Practices” proposals to serve as basis for implementing improvements
• Research and recommend and help to implement potential products, procedures and possibly vendor partners to meet agreed policies and procedures to protect client assets
• Work with extended InfoProtect Programme to evaluate specific tools (e.g., source code analysis, vulnerability scanners, testing techniques, etc.) to ensure compliance of computer systems
• Plan testing, implementation and monitoring processes/tools for selected technologies to be embedded in the client environment.
Incumbent will assume additional responsibilities as assigned.
• Education to Bachelor’s degree, preferably in Information Security, Computer Science or related technology (or equivalent work experience)
• 5+ years of experience in Application Security and/or related technical field –understanding of security and risk in terms of software and applications
• Broad work experience spanning multiple information security functions, particularly as related to application vulnerability assessments, penetration, compliance testing, tool selection and implementation, etc.
• Understanding of regulatory and business drivers that impact security policies and practices
• Excellent English oral, written, verbal and presentation skills for a wide variety of audiences, including senior management
• Effective interpersonal skills
• Very strong matrix management skills – ability to manage by influence rather than direct line control, with clear ability to work effectively in a cross-functional team environment (potentially including vendor and offshore teams)
• Excellent skills using the Microsoft Office Suite (especially Excel for data analysis)
• Ability to work in a multinational environment across multiple business areas within client
• Ability to utilize experience, influencing and negotiating skills to facilitate successful design and implementation, stakeholder management and effective issue resolution
• Experience and current expert knowledge of Identity and Access Management (IAM) and Governance and Regulatory Control (GRC) tools to understand, evaluate and quantify risk
• Two+ years of experience evaluating the security of applications using both manual and automated techniques.
• Related experience in a regulated pharmaceutical environment
• Data analysis experience using database queries, reporting tools, etc.
• Preferred certifications: CISSP and/or CRISC
Thanks & Regards,
SYSTEL INC | Atlanta, GA
A Certified (MBE) Minority Business Enterprise"