Vacancy expired!
Youngsoft, Inc. (www.youngsoft.com) is a global software solutions IT company, delivering digital enterprise business betterment since 1996. Through collaborative engagement and discovery with our clients and vendors, we co-create industry specialized digital products, applications software, process, programs, and project outcomes. Headquartered in metro-Detroit, we leverage "pods" of Subject Matter Experts, Business Analysts, Solutions Architects, Software Engineers, and Project Managers, fused with HyperCare through our Global Support Centers. Through inclusivity, we share a singular vision to deliver world-class measurable upside results to our customers. It takes a village – come join ours!
Position IDescriptionHYBRID REMOTERole Summary:This position will be part of our Cybersecurity department, which is responsible for assuring that security principles and company security policies are adhered to in the design and delivery of systems and software. The Cybersecurity Junior Analyst is responsible for leading a coordinated effort to assess and audit applications, internally and externally. This role will also coordinate penetration tests and third party cybersecurity assessments.- Assessing applications with the designated IT and Business owners to meet security requirements, internally and externally, following the documented Application Security Assessment (ASA) process
- Managing and organizing the documentation for ASAs
- Setting up and leading meetings between the Business and IT owners to conduct interviews for ASAs
- Gathering evidence for applications based on ASA control measures, third party assessments and penetration tests
- Coordinating penetration tests for applications and ensuring that identified findings are remediated prior to approval/launch
- Ensuring known vulnerabilities are identified and documented for applications
- Performing and/or supporting cybersecurity assessments of third parties that are a part of applications through the review of third party cybersecurity questions, participation in third party interviews, and review of third party documentation
- Managing assessment activities and associated timelines persuade to both business and IT need in an urgent but business-like manner
- 1+ years of professional experience in information technology, including at least 1 years of experience in Cybersecurity. Educational experience is accepted in place of professional experience.
- Required: Bachelor’s Degree or a combination of formal education and work experience equaling a Bachelor’s Degree
- Desired: Bachelor’s Degree in Information Security, Technology or Computer Science
- Broad understanding of computer networking, technology, and customer service with a security focus
- Understanding of common web application security concepts, such as the OWASP Top 10, and their practical implementation
- Experience with industry cybersecurity frameworks (eg. NIST 800-53 or equivalent)
- Operational knowledge and skills related to conducting industry standard application security assessments
- Experience gathering evidence to verify cybersecurity control implementation
- Strong verbal and written communications skills, with an ability to express complex technical concepts in business terms to multiple different audiences
- Ability to inform, educate and influence business and IT employees to support goals and initiatives of the Cybersecurity department
- Analytical and conceptual thinking – using logic and reason, creative and strategic
- Integration – joining people, processes or system
- Excellent planning, organization, and time management skill
- Ability to work independently with minimal supervision
- Cybersecurity Certification (Certified Information Security System Professional (CISSP) certification or equivalent)
- Coding experience
- Assessing applications with the designated IT and Business owners to meet security requirements, internally and externally, following the documented Application Security Assessment (ASA) process
- Managing and organizing the documentation for ASAs
- Setting up and leading meetings between the Business and IT owners to conduct interviews for ASAs
- Gathering evidence for applications based on ASA control measures, third party assessments and penetration tests
- Coordinating penetration tests for applications and ensuring that identified findings are remediated prior to approval/launch
- Ensuring known vulnerabilities are identified and documented for applications
- Performing and/or supporting cybersecurity assessments of third parties that are a part of applications through the review of third party cybersecurity questions, participation in third party interviews, and review of third party documentation
- Managing assessment activities and associated timelines persuade to both business and IT need in an urgent but business-like manner
- Required: Bachelor’s Degree or a combination of formal education and work experience equaling a Bachelor’s Degree
- Desired: Bachelor’s Degree in Information Security, Technology or Computer Science
- Cybersecurity Certification (Certified Information Security System Professional (CISSP) certification or equivalent)
- Broad understanding of computer networking, technology, and customer service with a security focus
- Understanding of common web application security concepts, such as the OWASP Top 10, and their practical implementation
- Experience with industry cybersecurity frameworks (eg. NIST 800-53 or equivalent)
- Operational knowledge and skills related to conducting industry standard application security assessments
- Experience gathering evidence to verify cybersecurity control implementation
- Strong verbal and written communications skills, with an ability to express complex technical concepts in business terms to multiple different audiences
- Ability to inform, educate and influence business and IT employees to support goals and initiatives of the Cybersecurity department
- Analytical and conceptual thinking – using logic and reason, creative and strategic
- Integration – joining people, processes or system
- Excellent planning, organization, and time management skill
- Ability to work independently with minimal supervision
Vacancy expired!