Web Application Penetration Tester

Remote at Trinity Health in United States
Posted on August 18, 2020

Job details

Employment Type:
Full time
Shift:
Description:
Open to Remote locations

Provides advanced knowledge, concepts, and analytical skills in the area of Information Security to direct and support the management and administration of information security services in one or more specific information security domains, which includes:

  • Risk Assessments (Projects or Programs)
  • Data Loss Prevention
  • User Access Reviews
  • Regulatory Compliance, i.e., PCI
  • Security Reporting, Tracking & Tools, i.e., Archer
  • Vulnerability Scanning & Mitigation
  • eDiscovery and Forensics
  • Incident Response Coordination
  • Communications and Awareness
Highly desired skills include:

  • Application Pen tester
  • Ethical Hacker
  • Offensive Security Web Expert (OSWE)
  • Certified Penetration Tester (CWAPT)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • CSSLP - Certified Secure Software Lifecycle Professional
  • CISSP - Certified Information Systems Security Professional

Plans and implements security initiatives, resolves complex security issues, and mitigates threats and vulnerabilities across an Information Security service. Oversees specific projects to design, develop, engineer and implement solutions to security requirements. Communicates advanced information security concepts effectively with clients, peers, vendors, and all levels of management. Establishes and operates information security reporting procedures to validate that security controls remain in place. Acts as an advocate and resource on information security for various Regional Health Ministry (RHMs) areas and/or system-wide initiatives. Assists the business owners of various Information Resources in addressing security issues.

ESSENTIAL FUNCTIONS

1. Knows, understands, incorporates and demonstrates the Trinity Health Mission, Vision and Values in behaviors, practices and decisions.

2. Develops, designs and operates one or more information security domains. Provides technical consultation and assistance in identifying, evaluating and documenting use of systems and other related services to ensure compliance with EIS policies.

3. Resolves complex security issues, and mitigates threats and vulnerabilities across an Information Security service. Reviews various system and technical documents and applies security templates. Defines security configuration and operational standards for security systems and applications.

4. Interacts with multiple vendors to ensure a cohesive client-vendor relationship that maintains and upholds services in the best interest of Trinity Health.

5. Provides guidance and direction on enterprise security procedures, security technology, and security design work; works with business stakeholders to define Information Security processes. Works collaboratively with other security professionals and Security Managers to standardize information security industry best practices.

6. Contributes to the creation of department procedures, standards and documentation for all information security services. Utilizes excellent verbal and written communication skills.

7. Participates in the creation of annual objectives and tactical plans. Responsible for the prioritization of Infrastructure investments and maintenance involving IT security.

8. Represents the EIS Director, when applicable, on EIS matters and serves as EIS liaison with MO Security and Privacy Officials.

9. Participates in the development and promotion of Information Security information for general awareness.

10. Participates in site-specific meetings. Participates in the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives.

11. Ensures all projects and services meet Trinity Health Information security and regulatory standards, policies and procedures while delivering business requirements.

12. Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.

MINIMUM QUALIFICATIONS

1. Bachelor’s degree or an equivalent combination of education and experience.

2. Minimum of five (5) years of progressive experience in information services including three (3) years in information security, including experience in compliance with federal and state security regulations.

3. Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA), Certified Information Systems Auditor (CISA) or equivalent required.

4. Must possess a good understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.

5. Working knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security.

6. Experience with administrative and technical assessments as well as enforcing organizational compliance.

7. Must be team oriented, supportive, and committed to excellence, and possess a high level of initiative and self-motivation with a demonstrated work ethic.

8. Must be committed to continual personal and professional growth and possess a proactive approach, with a willingness to “go the extra mile” every time for the customer.

9. Ability to work under general direction, manage multiple priorities and effectively adapt to rapidly changing technology and business needs, with demonstrated ability to prioritize projects and workload.

10. A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health.

Trinity Health's Commitment to Diversity and Inclusion

Trinity Health employs about 133,000 colleagues at dozens of hospitals and hundreds of health centers in 22 states. Because we serve diverse populations, our colleagues are trained to recognize the cultural beliefs, values, traditions, language preferences, and health practices of the communities that we serve and to apply that knowledge to produce positive health outcomes. We also recognize that each of us has a different way of thinking and perceiving our world and that these differences often lead to innovative solutions.

Trinity Health's dedication to diversity includes a unified workforce (through training and education, recruitment, retention and development), commitment and accountability, communication, community partnerships, and supplier diversity.
