Information Security Analyst

Indianapolis, Indiana

 Apollo ITS
Apply for this Job
Job Title: Information Security Analyst
Location: Indianapolis, IN- 100% Remote
Duration: 6 Months
Interview Type: Webcam
Note:
  • Candidate can use their own equipment, as long as that equipment is able to run Amazon Workspaces for connection into the state network.
Job Description:
Information security analyst position that functions as primary security code auditor for the agency's primary application.
  • Analyze code scan output from Veracode and SonarQube, along with remediation recommendations from these tools.
  • Assess security risks associated with code vulnerabilities and develop a prioritization strategy that mitigates the most critical issues efficiently.
  • Convert scan results and remediation recommendations into well-defined stories within Atlassian Jira, aligning with the Scaled Agile Framework (SAFe) for collaboration with development teams.
  • Draft policies, procedures, and best practices for publication in Atlassian Confluence to ensure consistent security practices across the organization.
  • Monitor and validate the completion of all remediation work through subsequent code scans.
  • Provide regular progress updates to the information security manager.
  • Collaborate with development teams to implement secure coding practices and address identified vulnerabilities.
Required Skills and Experience:
  • 2-5 years of experience in information security, with a focus on code and vulnerability analysis.
  • Strong knowledge of manual audit, code reviews, and remediation techniques.
  • Proficiency in using Veracode and SonarQube toolsets for code scanning and vulnerability assessment.
  • Expertise in Java programming language and familiarity with secure coding standards and guidelines such as OWASP Top Ten, CERT/CC, MITRE, Sun, and NIST.
  • Experience working with Atlassian toolsets, particularly Jira, ServiceDesk, and Confluence.
  • Understanding of authentication, authorization, session management, and secure communication mechanisms.
  • Familiarity with Windows and Linux operating systems.
  • Experience working with ORACLE and MSSQL databases.
  • Knowledge of third-party library security analysis and the ability to identify potential security leaks.
  • Excellent problem-solving and analytical skills, with the ability to translate technical findings into actionable tasks for development teams.
  • Strong communication and collaboration skills to effectively work with crossfunctional teams.
Preferred Qualifications:
  • Relevant certifications such as CISSP, CSSLP, or CEH are a plus.
  • Experience with automated security testing tools and continuous integration/continuous deployment (CI/CD) pipelines.
  • Knowledge of additional programming languages such as Python, C , or C .
  • Familiarity with cloud security best practices and securing cloud-based applications.
Required/Desired Skills:
  • Information security code analysis and review
  • Java and secure coding standards
  • Veracode
  • Atlassian toolset with focus on Jira, ServiceDesk and Confluence
  • SonarQube
  • CISSP, CSSLP or CEH certifications
Date Posted: 26 March 2025
Apply for this Job
Show me similar jobs
Send me jobs by email