Security Analyst,


Project Description

One of the world's largest providers of products and services to the energy industry has a need to develop and support cloud-based enterprise information system in Oil & Gas domain.
Our project is stable, long-term and constantly adopts new technologies.

DevOps practice is tasked with the development, provisioning, operations, and performance of a global, multi-region, multi-cloud software as a service, and developer integration platform.

Work supposes close cooperation with Customer team located in Houston and following Agile principles.
Our team is senior, supportive and friendly.

In this role candidates will operate independently and as part of a team to ensure that all software, hardware, and related components are protected from cyber attacks. Duties will include developing security systems, analysing current systems for vulnerabilities, and handling any and all cyber attacks in an efficient and effective manner. Candidates should have strong IT skills and a deep understanding of cyber attacks methodology, including but not limited to Fortify SCA scans, WebInspect scans, RAF developing, and overall security policies development and deployment.


    Validate the fixes performed by developers in Fortify for vulnerabilities
    Follow up with Developer on open vulnerabilities
    Share reports of open, closed vulnerabilities
    Develop unique, effective security strategies for software systems, networks, and cloud provider
    Safeguards information system assets by identifying and solving potential and actual security problems
    Protects system by defining access privileges, control structures, and resources
    Recognizes problems by identifying abnormalities; reporting violations
    Implements security improvements by assessing current situation; evaluating trends; anticipating requirements
    Determines security violations and inefficiencies by conducting periodic audits
    Upgrades system by implementing and maintaining security controls
    Maintains quality service by following organization standards
    Contributes to team effort by accomplishing related results as needed


Must have

    1. Thorough knowledge of Fortify SCA and SAST scans
    2. Thorough knowledge of WebInspect to and DAST scans
    3. Skills understanding developing RAF
    4. Need application development exposure
    5. System administration
    6. Network security
    7. Information security policies
    8. On-call security incidence troubleshooting
    9. Firewall and security group administration
    10. Network protocols
    11. Routers, hubs, and switches
    12. Process improvement
    13. SOC2 controls and processes
    14. Penetration testing
    15. Problem solving

Nice to have

    • Fortify SCA certification


English: C1 Advanced

Relocation package

If needed, we can help you with relocation process. Click here for more details: see more details

Work Type

Information Security

Ref Number


Explore More

LoGeek Magazine
icon Logeek Luxoft
Learn more
icon Events Luxoft
Learn more
Relocation Program
icon Relocation Luxoft
Learn more
icon Referral Luxoft
Learn more
and Grads
icon Students Luxoft
Learn more