Cybersecurity Analyst supporting Fidelity’s Cyber Assurance and Support team. Assisting with client inquiries and collaborating with technology and security teams.
About the role
- Application Security Analyst responsible for security in software development lifecycle and collaborating across teams. Focusing on vulnerabilities, risk management, and cybersecurity standards in a dynamic environment.
Responsibilities
- Develop rapport with others by demonstrating an understanding of their concerns, needs, and issues, and build an internal network of relationships that can provide advice and support.
- Consistently deliver quality client services.
- Monitor progress, manage risk, and ensure key stakeholders are informed about progress and expected outcomes.
- Stay abreast of current business and industry trends relevant to global development teams, business operations, and cyber security.
- Assist engagement with DevOps teams in evaluating vulnerability management tools across people, process, and technology.
- Work with engagement teams to own distinct portions of vulnerability management solutions tailored to client environments.
- Perform and control targeted vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls.
Requirements
- It is preferred that you have, or are working on, a bachelor’s degree or certificate in Computer Science, Information Systems, Engineering, Business, or a related field.
- An understanding of the vulnerability management lifecycle and governance.
- Familiarity with security and risk standards including ISO 27001-2, ISO 31000, PCI DSS, NIST, ITIL, COBIT, CVSSv4, and MITRE ATT&CK.
- Hands-on operational experience with vulnerability management tools (e.g., Qualys, Tenable, Snyk, trufflehog pro).
- Understanding of various operating systems (Windows, Unix, MacOS); cloud concepts (secure build images, ephemeral workloads, cloud patching); and networking fundamentals.
- A full understanding of full stack application development and mobile development on iOS and Android.
- Deep expertise in writing and running queries to prepare metrics reports and dashboards.
- Good understanding of scanning tools for APIs.
- Ability to report issues clearly and succinctly and adapt communication styles to demonstrate vulnerability severity to technical stakeholders and leadership.
- Knowledge of general cybersecurity concepts and methods including secure configuration management, data protection and privacy, security monitoring, incident response, governance, risk and compliance, patch management, and enterprise security strategies and architecture.
- Strong written and verbal communication skills with the ability to interact with senior management and technical SMEs.
- Ability to examine issues both strategically and analytically.
- Experience working in cloud and container environments.
- Penetration testing experience.
- Application security experience.
- Automation and scripting experience (e.g., Python, Bash).
- Enterprise application development experience.
- Financial services sector regulatory experience.
- Attack Surface Management experience.
Benefits
- Health insurance
- Professional development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Analyst preventing incidents for GuidePoint Security. Collaborating to stay ahead of emerging threats in a hybrid position based in Philadelphia, PA.
Security Analyst within PNC's SEC DEF SECURITY FUSION CENTER evaluating and mitigating cybersecurity alerts for organizational safety. Collaborating with various teams to ensure security posture against vulnerabilities.
Senior Security Analyst role focusing on delivering cyber security solutions for DTP's Trusted and Secure Program. Collaborating with multi - disciplinary teams to enhance secure enterprise solutions.
Cybersecurity Analyst at Datacom handling incident response and threat intelligence. Collaborating in a hybrid team environment with a focus on proactive cybersecurity measures.
Cyber Security Analyst managing incidents within a SOC & SIEM platform at Axians in Switzerland. Conducting investigations and providing recommendations to reduce business impact.
Operational Technology Cybersecurity Analyst responsible for evaluating cybersecurity controls across Barry - Wehmiller's operations. Collaborates on risk mitigation strategies and incident response.
SOC Analyst responsible for continuous improvement in security service delivery and incident response. Collaborating with other teams to enhance operational efficiency in threat detection.
Analista de Seguridad L1 en Yalfer validando alertas de ciberseguridad y colaborando en incidentes. Mono y operación 24x7.
D365 User Security Analyst ensuring robust security models for Dynamics 365 and Power Platform. Designing configurations and monitoring security activity in a hybrid work environment.