The Senior Information Security Analyst is a senior hands-on role focused on ecommerce and application development security. This role requires a broad, deep level of ecommerce experience, technical expertise, and information security experience. The Senior Information Security Analyst collaborates with the Ecommerce department, IT department, and Security department to assess and manage risk; provide ecommerce platform security assurance; design, select and deploy technical controls to meet security and business requirements; and define processes and standards to ensure that security configurations are maintained. The Senior Information Security Analyst is a mentor to security team members and an escalation resource.
Plays a key collaborative, influencing and consultative role in the ecommerce secure software development life cycle
Drives the development, implementation, and operation of ecommerce security controls and practices
Collaborates with and guides Company's business units and risk management functions to identify security requirements and solutions. Components of this activity include:
Solution architecture review
Business system analysis
Penetration testing and remediation
Application vulnerability scanning and remediation
Solution review and assurance
Communication, facilitation and consensus building
Monitors security information and event management and logs for unusual events. Identifies trends and recommends solutions.
Reports to and advises Company's management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
Collaborates with management to facilitate security and compliance reviews (e.g. PCI, SOX, Audits) and address any potential exceptions
Collaborates on and influences the approach of critical IT projects to ensure that security issues are addressed throughout the project life cycle.
Designs and develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
Specifies, develops and analyzes operational reports to monitor and track performance metrics are aligned with defined Service Level Agreements and security requirements.
Specifies, researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
Serves as point of contact to solve complex problems by means of systematic and disciplined troubleshooting
Develops and disseminates information security operations documentation.
Raeder Landree, Inc. (www.raederlandree.com) is a Pittsburgh based technical consulting and recruiting firm with its office located in the South Hills area of Pittsburgh, Pennsylvania. The Raeder Landree Team is very proud of the fact that we have been providing outstanding, quality-based Technical Solutions in the Pittsburgh/Cleveland/Akron/Youngstown areas since 1995.
Raeder Landree, Inc. pr...ovides Solutions expertise in Information Technology.
• Staff Augmentation (contracting)
• Direct Hire Placement
• Contract-to-Hire Option
Raeder Landree, Inc. works with clients to understand their unique business requirements and strives to become a valued proactive member of their team.
Candidates look to Raeder Landree, Inc. to provide opportunities to increase their technical expertise and career growth.
Current Client Industries being served:
• Heavy Metals
• Software Development
Our team of Account Managers and Recruiters are senior level professionals with over half the team having ten years or more experience with Raeder Landree, Inc. This experience is critical when working our Clients’ challenging engagements.
Raeder Landree, Inc. is very proud of its sourcing capabilities and maintains an active local proprietary database of over 50,000 professionals in the Pittsburgh/Cleveland/Akron/Youngstown areas with broad experience in many diverse environments. Our sourcing capabilities range from providing full project teams to a single individual resource to supplement our client's resident team.