Security yst

This is a remote position.

At Softgic we work with the sharpest minds with those who build with those who love what they do with those who have a 100% attitude because thats our #Coolture. Join our purpose of making life easier with technology and be part of our team as a Security Analyst.

Compensation:
USD 10 17/hour.

Location:
Remote (anywhere).

Mission of Softgic:
In Softgic S.A.S. we work for the digital and cognitive transformation of our clients aware that quality is an essential factor for us we incorporate the following principles into our policy:

What makes you a strong candidate:

• You are proficient in Security analysis NIST CF (NIST Cybersecurity Framework) API and Application security.
  
• English Conversacional.
  

Responsibilities and more:

• Perform the Protection Need on a system/project which is the initial assessment that kicks off the security assessment process.
  
• Managing and organizing the documentation of vendor cybersecurityprogram assessments (VCA).
  
• Managing and organizing the documentation of technical security assessments (applications security assessments (ASAs) API assessments Infrastructure Security Assessments).
  
• Review security controls to ensure they were filled in by the applicable stakeholder and are ready for the security architect s review. Preliminarily review security assessment submissions to find issues and give the stakeholders feedback on how to correct the issue(s).
  
• Coordinate penetration testing for applications and ensure that identified findings are remediated prior to approval / launch.
  
• Prepopulate/review security risks based on the security assessment so that the Architect can review them.
  
• Review security risk form for spelling and grammar.
  
• Support the security architects in completing technical security assessments and VCAs through notetaking task/action item tracking documenting control status reviewing responses from stakeholder prior to the architect s review and coordinating meetings with stakeholders.
  
• Ask questions to internal stakeholders and vendors during ASAs and VCAs.
  
• Track technical assessment and VCA timelines and update JIRA tasks.
  
• Identify when there are potential or known vulnerabilities in a system or application and bring them to the teams / security architects to review.
  
• Preview Pen test or vulnerability scan reports for major issues to help the security architect.
  

Requirements

• 2 years of experience (e.g. CISSP Associate of ICS2).
  
• Security certification preferred.
  
• General understanding of security frameworks (e.g. ISO27001 NIST 80053 etc.)
  

Benefits

• Recognized as a Great Place to Work.
  
• Opportunities for scaling and growth.
  
• Paid time off.
  
• Support for formal education and certifications.
  
• Benefits with partner companies.
  
• Referral plan.
  
• Flexible working hours