Cybersecurity Analyst Junior

Youngsoft, Inc. (www.youngsoft.com) is a global software solutions IT company, delivering digital enterprise business betterment since 1996. Through collaborative engagement and discovery with our clients and vendors, we co-create industry specialized digital products, applications software, process, programs, and project outcomes. Headquartered in metro-Detroit, we leverage "pods" of Subject Matter Experts, Business Analysts, Solutions Architects, Software Engineers, and Project Managers, fused with HyperCare through our Global Support Centers. Through inclusivity, we share a singular vision to deliver world-class measurable upside results to our customers. It takes a village – come join ours!

• Assessing applications with the designated IT and Business owners to meet security requirements, internally and externally, following the documented Application Security Assessment (ASA) process
• Managing and organizing the documentation for ASAs
• Setting up and leading meetings between the Business and IT owners to conduct interviews for ASAs
• Gathering evidence for applications based on ASA control measures, third party assessments and penetration tests
• Coordinating penetration tests for applications and ensuring that identified findings are remediated prior to approval/launch
• Ensuring known vulnerabilities are identified and documented for applications
• Performing and/or supporting cybersecurity assessments of third parties that are a part of applications through the review of third party cybersecurity questions, participation in third party interviews, and review of third party documentation
• Managing assessment activities and associated timelines persuade to both business and IT need in an urgent but business-like manner

• 1+ years of professional experience in information technology, including at least 1 years of experience in Cybersecurity. Educational experience is accepted in place of professional experience.

• Required: Bachelor’s Degree or a combination of formal education and work experience equaling a Bachelor’s Degree
• Desired: Bachelor’s Degree in Information Security, Technology or Computer Science

• Broad understanding of computer networking, technology, and customer service with a security focus
• Understanding of common web application security concepts, such as the OWASP Top 10, and their practical implementation
• Experience with industry cybersecurity frameworks (eg. NIST 800-53 or equivalent)
• Operational knowledge and skills related to conducting industry standard application security assessments
• Experience gathering evidence to verify cybersecurity control implementation
• Strong verbal and written communications skills, with an ability to express complex technical concepts in business terms to multiple different audiences
• Ability to inform, educate and influence business and IT employees to support goals and initiatives of the Cybersecurity department
• Analytical and conceptual thinking – using logic and reason, creative and strategic
• Integration – joining people, processes or system
• Excellent planning, organization, and time management skill
• Ability to work independently with minimal supervision

• Cybersecurity Certification (Certified Information Security System Professional (CISSP) certification or equivalent)
• Coding experience

• Assessing applications with the designated IT and Business owners to meet security requirements, internally and externally, following the documented Application Security Assessment (ASA) process
• Managing and organizing the documentation for ASAs
• Setting up and leading meetings between the Business and IT owners to conduct interviews for ASAs
• Gathering evidence for applications based on ASA control measures, third party assessments and penetration tests
• Coordinating penetration tests for applications and ensuring that identified findings are remediated prior to approval/launch
• Ensuring known vulnerabilities are identified and documented for applications
• Performing and/or supporting cybersecurity assessments of third parties that are a part of applications through the review of third party cybersecurity questions, participation in third party interviews, and review of third party documentation
• Managing assessment activities and associated timelines persuade to both business and IT need in an urgent but business-like manner

• Required: Bachelor’s Degree or a combination of formal education and work experience equaling a Bachelor’s Degree
• Desired: Bachelor’s Degree in Information Security, Technology or Computer Science

• Cybersecurity Certification (Certified Information Security System Professional (CISSP) certification or equivalent)
• Broad understanding of computer networking, technology, and customer service with a security focus
• Understanding of common web application security concepts, such as the OWASP Top 10, and their practical implementation
• Experience with industry cybersecurity frameworks (eg. NIST 800-53 or equivalent)
• Operational knowledge and skills related to conducting industry standard application security assessments
• Experience gathering evidence to verify cybersecurity control implementation
• Strong verbal and written communications skills, with an ability to express complex technical concepts in business terms to multiple different audiences
• Ability to inform, educate and influence business and IT employees to support goals and initiatives of the Cybersecurity department
• Analytical and conceptual thinking – using logic and reason, creative and strategic
• Integration – joining people, processes or system
• Excellent planning, organization, and time management skill
• Ability to work independently with minimal supervision