IT Security Analyst III - Application Security

Company: Sheetz
Location: Altoona
Posted on: July 26, 2022

Job Description:

Job Description Location: Sheetz Corporate - Altoona, PA PRIMARY PURPOSE OF THIS POSITION: The IT Security Analyst III is a senior member of the RISC team who will be focusing on Application Security; they will design, implement, and enforce complex security policies that protect systems and data from security risks. Tasks may include leading the security testing, analyzing compliance security requirements, as well as performing standard testing as development cycle continues with the project. ESSENTIAL FUNCTIONS: (other duties may be assigned) Collaborate with RISC management in the planning and design of enterprise security architecture while serving as the lead security tester. Focusing on design to implementation on the whole development stack. Working with specialized hardware, containers, embedded services, databases, and web apps. Collaborate with RISC management in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) Collaborate with IT management in the planning and design of an enterprise business continuity plan and disaster recovery plan. Maintain up-to-date advanced knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors Recommend additional security solutions, or enhancements to existing security solutions to improve overall enterprise security, and report out of compliance conditions. Lead the deployment integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry and company standards. Lead the design and execution of vulnerability assessments, penetration tests, and security audits. Provide call escalation for all in-place security solutions. Research and write security, risk, and compliance reports indicating the existence of, and effectiveness of, information technology related controls Lead evaluations and collaborate with core business partners and other security teams to improve controls via create process design which meet the evolving business needs for customer experience and efficiency. Lead risk consulting and/or training to business and technical partners to improve the effectiveness of risk management across the enterprise. This includes being responsible for assigning and managing tasks for 3rd party resources Provide guidance, interpretation, and education on specific security policies related to projects and applications, and new technologies & methodologies as business needs evolve. Provide evening and weekend on call/issue support as needed. Sheetz is open 24/7/365 and as such, our internal and external customers may require support at any time. Create and maintain Incident Response playbooks. REQUIREMENTS: (Equivalent combinations of education, licenses, certifications and/or experience may be considered) Education A four-year degree in Computer Science, Engineering or related field required. Experience 7 years cyber security experience required Experience with security operations preferred Experience with SIEM systems preferred Strong understanding of IP, TCP/IP, and other network administration protocols preferred Strong understanding of Windows and Linux systems preferred Familiarity with security incident response preferred Licenses/Certifications Maintain a continuous personal professional development program; this level requires CISSP certification and commitment to pursue additional training or certifications in risk, security, governance, compliance (e.g., CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP, GICSP, GMOB, GCIH, CRCMP, CISA, CGEIT, CRISC, CRMA, CORP, advanced degree) Tools & Equipment General Office Equipment ABOUT SHEETZ Sheetz, Inc. is a fast-growing, family-owned, food/convenience company that has been in business since 1952. Sheetz has over 600 locations in Pennsylvania, Ohio, Virginia, West Virginia, Maryland and North Carolina. Our mission at Sheetz has been to meet the needs of customers on the go. Of course, things have changed over those nearly 70 years. Life is faster and busier, and customers expect us to be there when they need us most. One thing that hasn't changed is our commitment to our customers, our employees and the communities in which we operate. Sheetz donates millions of dollars every year to the charities it holds dear.

Keywords: Sheetz, Altoona , IT Security Analyst III - Application Security, Professions , Altoona, Pennsylvania