Senior Web Systems Security Analyst iPipeline, Inc.
Job TitleSenior Web Systems Security Analyst
LocationExton, PA 19341
DescriptionSenior Web Systems Security Analyst
Improve iPipeline?s system and application security by identifying and verifying threats using real-world attacks.
Provide global compliance support by providing external and internal audit requirements.
Prepare applications for future compliance requirements through rigorous pre-compliance audit checks.
Educate development teams on secure coding practices.
Assist in development, verification, and education of security procedures and policies.
Ensure audit findings are accurately included in the iPipeline risk management process.
Perform spot checks to verify security policies and compliance requirements are maintained.
Perform web application, web service, and mobile application security assessment. Find, verify, report, and work with teams to remediate vulnerabilities and weaknesses.
Execute network and infrastructure vulnerability assessment and/or penetration testing, identify real world internal and external threats, and verify steps taken to correct threats accurately address issues found.
Review static code analysis and audit pre/post findings.
Analysis and review of security audit logs, alerts, and events.
Work with infrastructure team to establish and audit secure network and firewall configuration, best practices, and procedures.
Educate development teams to improve security awareness and knowledge, and demonstrate how common flaws can lead to compromise.
Build and maintain global internal and external inventory of assets ? both hardware and software.
Perform social engineering exercises to identify areas for additional training.
Work with architecture team to assist in secure code practices in early phases of the SDLC.
Pair with 3rd party penetration tests to provide business knowledge and learn additional attack perspectives.
Help establish and actively contribute to iPipeline OWASP chapter.
SANS, EC Council, Cisco, and/or other industry recognized audit or technical related certifications.
Aptitude for abstracting concepts, reverse engineering, and breaking things.
Ability to effectively communicate across different levels of technicalknowledge.
Troubleshooting and analytical background.
Diverse development and infrastructure.
||Exton, PA |