Let’s Connect Today!

NextGen Person

IT Security Analyst-Sr in St. Louis, MO at NextGen

Date Posted: 6/1/2019

Job Snapshot

Job Description


The ideal candidate will have excellent technical, analytical and engineering skills which allow them to effectively identify and remediate platform (*nix, Wintel, Storage, Database) security risks in the environment such as misconfigurations, deprecated versions or protocols and architectural/design flaws. This role will partner closely with our Information Risk Management (IRM) organization continuously to drive secure solutions.

• Security Architecture
o Control Design, Standard Creation, Gold Image and Build Process Management
• Core Service Expert
o SSH, SMB, RDP, etc.
• Security Administrator
o Strong understanding of configuring authentication, crypto, 2FA
• Decipher & Action Plan Vulnerability and Penetration Test Reports
o Identify Abuse Cases (e.g. logic/process flaws)
• Automate Identification and Remediation
o Ability to develop/script in JavaScript, bash, Ansible, and python
• Ability to think like an attacker and partner with key stakeholders to develop controls. Must be able to think outside the box.
• Ability to develop custom solutions and controls which effectively remediate vulnerabilities.
• Demonstrate strong skills while providing accurate analysis of findings
• Develop innovative and creative ways to carry out remediation activities, and strategic business and team objectives.

• Knowledge of what constitutes a cybersecurity risk and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issues.
• Ability to develop and maintain strong partnerships with key stakeholders, and to work across diverse businesses and regions, balancing the needs of multiple organizations.
• Excellent organizational skills and ability to communicate with internal/external entities and executives a must
• Effective leadership and demonstrated ability to coordinate people and teams to project completion
• Familiarity with external regulations, e.g., PCI, HIPAA
• Certification in information security (CISSP, OSCP, GWAPT or equivalent) preferred