About the Role
A well-established educational organization is seeking a Senior Security Analyst - Contractor to join their Information Security and Identity team. This role will help enhance the security of digital infrastructure, protect sensitive data, and proactively address cybersecurity threats. This is a 6-month contract position with the possibility of extension, allowing for a flexible hybrid work model based in Golden, Colorado.
Key Responsibilities
- Incident Response: Swiftly manage and respond to security incidents such as phishing, malware, and targeted attacks, utilizing the necessary tools to ensure quick and effective resolutions.
- Application Security: Perform assessments of third-party applications to identify risks and execute quarterly application audits using industry-standard tools (e.g., Fortify, WebInspect).
- Vulnerability Management: Monitor, analyze, and manage new security vulnerabilities and perform risk assessments, providing actionable recommendations for remediation.
- Security Strategy: Define protection goals, objectives, and metrics that align with the organization’s strategic initiatives.
- Collaboration and Intelligence: Stay updated on the InfoSec landscape and collaborate with project management teams to address security needs.
- Ongoing Support: Manage InfoSec tickets and provide security guidance on projects as necessary.
Requirements
- Experience: 5-7 years in IT security or related fields.
- Education: Bachelor’s degree in Information Technology, Computer Science, or Computer Engineering preferred (or equivalent experience).
- Certifications: Relevant certifications (e.g., CISSP, Cisco Certified Security Professional, GSEC, GCIH, CISM) are advantageous.
Skills and Competencies
- Strong knowledge of network and information system security.
- Software development experience in high-level languages (e.g., Java, C, C++, .NET).
- Familiarity with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint) and application vulnerability analysis tools (e.g., IBM AppScan, HP WebInspect, Burpsuite Pro).
- Knowledge of HTTP, web programming, and OWASP methodologies.