Sign upLog in

Information Security Analyst IV

Kforce Inc.

New York, NY

Apply
JOB DETAILS
SALARY
$83–$124
SKILLS
Agile Programming Methodologies, Amazon Web Services (AWS), Application Programming Interface (API), Applications Security, Atlassian JIRA, Benchmarking, Business Operations, CISSP - Certified Information Systems Security Professional, Cloud Applications, Cloud Computing, Computer Science, Continuous Deployment/Delivery, Continuous Integration, Docker, Documentation, Establish Priorities, ISO (International Organization for Standardization), Identity Data Management, Industry Standards, Information Technology & Information Systems, Information/Data Security (InfoSec), International Electro-Technical Commission (IEC), Internet Application, Internet Security, Internet of Things, Leadership, Legal, Microsoft Windows Azure, Model Review, Multiplatform/Cross-Platform, Multitasking, Penetration Testing, Project/Program Management, Regulatory Compliance, Risk, Risk Analysis, Security Analysis, Security Architecture, Security Design, Security Infrastructure, Service Level Agreement (SLA), ServiceNow, Short Messaging Service (SMS), Software Development Lifecycle (SDLC), Software Testing, Team Player, Technical Writing, Test Automation, Time Management, U.S. National Institute of Standards and Technology (NIST)
LOCATION
New York, NY
POSTED
4 days ago
Kforce has a client in NYC that is seeking a Information Security Analyst IV. Summary: The Information Security Analyst will work in a dynamic team environment and play an important role in helping the Federal Reserve carry out its responsibilities. They will be responsible for risk assessments, Cloud mitigations, security application testing, thread modeling security design review and overall information systems risk. We're seeking a seasoned security professional with 5+ years of hands-on experience in application security assessments and penetration testing. You should possess expert-level knowledge of cloud security across major platforms (AWS, Azure, etc.), with deep understanding of security architecture, identity management, and cloud-native controls. Advanced proficiency in Burp Suite Professional is essential, including experience with extensions, macros, and custom scanning configurations. Additionally, you should have practical experience conducting IoT and ICS security assessments, familiarity with OT protocols and industry frameworks (IEC 62443, NIST), and comprehensive knowledge of OWASP Top 10, API security risks, and common web application vulnerabilities.

Requirements:

  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience demonstrating the required skills and competencies
  • Preferred Certifications: GWAPT, CEH, CISSP, CSSLP or cloud security certifications (AWS Security Specialty)
  • Proven expertise in securing the software development lifecycle through GitLab
  • Practical knowledge of DevSecOps practices including shift-left security, infrastructure-as-code security, and automated testing
  • Experience implementing and configuring security tools within CI/CD pipelines (SAST, DAST, SCA, container scanning) is required, along with solid understanding of containerization and orchestration security (Docker, Kubernetes) and cloud-native application architectures
  • Working knowledge of industry security standards and frameworks including NIST, ISO 27001, CIS Controls, SOC 2, and cloud-specific benchmarks
  • Experience conducting vendor security assessments and third-party risk evaluations is essential, as is familiarity with compliance requirements relevant to cloud applications
  • Proven ability to build strong relationships with development teams, work collaboratively in Agile environments, and present effectively to executive leadership with a consultative approach
  • Able to assess risk, prioritize based on business impact, and think like an attacker while balancing security requirements with practical business objectives and operational constraints
  • Self-directed and autonomous professional who successfully manages multiple concurrent projects, consistently meets deadlines and SLAs, and delivers high-quality work in fast-paced environments with shifting priorities
  • Strong technical writer experienced in creating comprehensive security reports and documentation
  • Committed to knowledge sharing and proficient with collaboration tools (Jira, Confluence, ServiceNow)

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.


About the Company

K

Kforce Inc.

Kforce is a solutions firm specializing in technology, finance and accounting, and professional staffing services. Our KNOWLEDGEforce® empowers top companies to achieve their digital transformation goals. We curate teams of technical experts who deliver solutions custom-tailored to each client’s needs. These scalable, flexible outcomes are shaped by deep market knowledge, thought leadership and our multi-industry expertise.

 

Our integrated approach is rooted in 60 years of proven success deploying highly skilled professionals on a temporary and direct-hire basis. Each year, approximately 18,000 talented experts work with the Fortune 500 and other leading companies. Together, we deliver Great Results Through Strategic Partnership and Knowledge Sharing®.

COMPANY SIZE
1,000 to 1,499 employees
INDUSTRY
Financial Services
FOUNDED
1962
WEBSITE
http://www.kforce.com/

Resume Resources

Free Resume TemplatesFree Resume Builder