Security Remediation Engineer
Apply NowCompany: Apolis
Location: Saint Louis, MO 63129
Description:
Role Name: Security Remediation Engineer
Location: / 6524 Manchester Ave, St. Louis, MO 63139 (On Site, NO REMOTE)
Rate: $45/hr
Job Description:
Candidates Must be local to St Louis, MO
In a typical month, this person will update knowledge
documentation, learn and document complex procedures, facilitate risk
assessments, respond to audit and security team requests for information,
submit compliance related questionnaires regarding technical aspects
of application platforms, analyze vulnerability and risk findings, validate
remediation claims, and report on remediation progress.
Some of this security analyst responsibilities include:
Creating and maintaining documentation on security related tools, processes, and best practices.
Working with technical teams to improve observability.
Investigating security breaches and other cybersecurity incidents.
Assessing risk findings, assigning them to fix teams, and reporting remediation efforts and related challenges.
Gathering key information for exception requests, including risk details, action plans, and remediation dependencies.
Partnering with security teams to improve data quality in security tools and external reports.
Clearly defining and developing new policies, processes, and training documents.
Hosting meetings with members of application, security, and leadership teams to communicate updates and changes to security postures
. Validating rendered evidence meets requirements to resolve compliance issues.
Educating application teams on security subject matter.
PREFERRED SKILLS & EXPERIENCE
To be successful, this person will must possess a strong understanding of
the wide array of AppSec and InfoSec tools, protocols, and best practices
applicable to application platforms, including their infrastructure. This person
must also be experienced in determining root cause and risk in consideration
to environmental variables. Additionally, this person must have experience
maintaining team documentation, speaking in meetings, escalating issues,
and driving teams to deliver work.
The ideal person will have a minimum of 8 years of experience in software engineering, cybersecurity, and/or cyberaudit, and will clearly express the following characteristics and competencies:
Strong verbal communication skills. Must be comfortable speaking in front
of audiences including technical teams and senior leaders, including VPs.
Strong written communication skills with the ability to produce quality literature
and technical documentation.
The ability to work with technical teams to engineer, improve, and document procedures to meet compliance requirements.
Diligence in following up on action items and inquiries.
Strong knowledge in security standards and practices for both on-premise and AWS environments; CCSP, CISSP, or other cloud-focused application security certifications are
a big plus.
Familiarity with Data Center and AWS infrastructure, including data center network architectures, virtualization, containerization, and AWS
products/offerings.
Ability to perform analysis and tests to validate findings and remediation claims.
A strong knowledge of ITIL operations and agile development practices. Experience working in a DevSecOps culture is a plus.
Location: / 6524 Manchester Ave, St. Louis, MO 63139 (On Site, NO REMOTE)
Rate: $45/hr
Job Description:
Candidates Must be local to St Louis, MO
In a typical month, this person will update knowledge
documentation, learn and document complex procedures, facilitate risk
assessments, respond to audit and security team requests for information,
submit compliance related questionnaires regarding technical aspects
of application platforms, analyze vulnerability and risk findings, validate
remediation claims, and report on remediation progress.
Some of this security analyst responsibilities include:
Creating and maintaining documentation on security related tools, processes, and best practices.
Working with technical teams to improve observability.
Investigating security breaches and other cybersecurity incidents.
Assessing risk findings, assigning them to fix teams, and reporting remediation efforts and related challenges.
Gathering key information for exception requests, including risk details, action plans, and remediation dependencies.
Partnering with security teams to improve data quality in security tools and external reports.
Clearly defining and developing new policies, processes, and training documents.
Hosting meetings with members of application, security, and leadership teams to communicate updates and changes to security postures
. Validating rendered evidence meets requirements to resolve compliance issues.
Educating application teams on security subject matter.
PREFERRED SKILLS & EXPERIENCE
To be successful, this person will must possess a strong understanding of
the wide array of AppSec and InfoSec tools, protocols, and best practices
applicable to application platforms, including their infrastructure. This person
must also be experienced in determining root cause and risk in consideration
to environmental variables. Additionally, this person must have experience
maintaining team documentation, speaking in meetings, escalating issues,
and driving teams to deliver work.
The ideal person will have a minimum of 8 years of experience in software engineering, cybersecurity, and/or cyberaudit, and will clearly express the following characteristics and competencies:
Strong verbal communication skills. Must be comfortable speaking in front
of audiences including technical teams and senior leaders, including VPs.
Strong written communication skills with the ability to produce quality literature
and technical documentation.
The ability to work with technical teams to engineer, improve, and document procedures to meet compliance requirements.
Diligence in following up on action items and inquiries.
Strong knowledge in security standards and practices for both on-premise and AWS environments; CCSP, CISSP, or other cloud-focused application security certifications are
a big plus.
Familiarity with Data Center and AWS infrastructure, including data center network architectures, virtualization, containerization, and AWS
products/offerings.
Ability to perform analysis and tests to validate findings and remediation claims.
A strong knowledge of ITIL operations and agile development practices. Experience working in a DevSecOps culture is a plus.