C091319: Senior Information Security Analyst

Job Location:

St. Louis, MO

As a

salaried fulltime

employee of Ferguson Consulting, you will function as a contract IT resource in the role of

Senior Information Security Analyst-

otherwise known as

- DevSecOps Developer

at the enterprise level for our telecommunications client in Maryland Heights MO functioning in a split role responsible for supporting a new platform integrating application security as part of software delivery and will also assist with responsibilities for Continuous Integration/Continuous Delivery (CI/CD) on the team.

As a Ferguson Consulting employee, and a consultant to our end client, you can focus on your technical skills development and career versus becoming a client SME - which is always in your best interest.

The client’s goal is to bridge traditional gaps between IT and Security while ensuring fast, safe delivery of code. To replace silo thinking by increasing communication and shared responsibilities of security tasks during all phases for security processes.

Working on site at our client


you will provide technical leadership in leading the implementation and continue to operate Application Security platform for our client’s enterprise systems. This position is also responsible for providing ongoing leadership to mature the platform including operations and governance. The candidate will have a strong understanding of information technology landscape including application security and application development languages and frameworks.

WhatYou'll Do:

  • Analyze/Define/Implement application security framework.
  • Support and maintain application security platform.
  • Work with developers to refine security checkpoints in the SDLC/DevOps that are based on the PCI Data Security Standard and other industry-accepted doctrine such as NIST SP 800-37 and/or ISO security standards.
  • Review and coordinate changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model.
  • Develop secure coding standards that are based on industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT
  • Secure Coding to address common coding vulnerabilities.
  • Obtain and review all required artifacts as part of go, no go analyses at security checkpoint phases in the development cycle.
  • Assist with periodic security risk assessments, IT security audits, and management reporting.
  • Assist with SCA (Software Composition Analysis) platform.

Who You Are:

  • 8 years of experience as an information security practitioner
  • Including experience with
  • Security risk assessment and systems security audit
  • PCI Data Security Standards
  • Web application security methods; OWASP
  • Software Composition Analysis tools such as XRay, Blackduck
  • Tools such as Veracode, Contrast, Fortify, etc. to manage application security
  • Build automation and packaging tools such as Maven, Gradle, NPM
  • Continuous Integration tooling such as Jenkins, Bamboo
  • Artifact/Docker repositories such as Artifactory, Nexus, Harbor
  • Comfortable with Linux; CentOS, RHEL.
  • Comfortable working with Java platforms.
  • Excellent verbal and written communication skills.
  • BA/BS in Information Technology, Computer Science, MIS or related field or equivalent work experience

The benefits:

We hire IT professionals who like to work with smart people and can hold their own in a demanding environment. Our employees build a career at Ferguson. Here IT isn’t a support function for our business – it IS our business. We strive to develop a professional relationship with each employee – and that is what you are, our direct employee. Our pay and benefit levels recognize the advanced skills of our talented staff members. In addition, we are unique in our market in the emphasis that we place on continuing education, including an annual training allowance that is an integral part of our compensation package. This kind of investment in our employees’ professional development is an important contributor to making Ferguson a desirable place to build an IT career. As a W-2 employee, your first assignment will be just that – the first of many. Our goal is to establish a long-term employee relationship with you.

The compensation:

Highly competitive base salary.

Paid overtime

$.60/$1 401K match

160 hours of Paid Time Off (PTO) Benefits

Bonus System

Health, vision, dental, and life insurance

Short-term and long-term disability

Training allowance for Leading Industry Professional Training with SLU/Wash U.

How to Apply:

If you are looking for a change and/or are interested in building or continuing your career as an IT professional and have the ability to thrive in challenging, fast-paced environments, we want to hear from you.

Please send your resume to Andy Scheffel at ascheffel@fergcons.com

Please review our website fergusonconsultinginc.com and find out more about who we are and what we can do for you.


Andy Scheffel
Ferguson Consulting
1350 Timberlake Manor Parkway, Suite 500
Chesterfield,MO 63017
(636) 728-4407
Back to the list of open positions

Subscribe to Ferguson Consulting Career Opportunities RSS Feed. Subscribe to Ferguson Consulting Career Opportunities RSS Feed.


I have confidence in Ferguson’s management and their values. I have always felt treated as a person, not a number.

— Ferguson employee since 2005

Ferguson has always been proactive about lining up my next assignment and getting me the best rate possible.

— Ferguson employee since 2000

Ferguson's management and staff take a sincere interest in the careers of their consultants. They understand the industry like no other firm I have worked for.

— Ferguson employee since 2008

Ferguson works hard laying the groundwork so that it’s easy for the consultant to succeed on the assignment.

— A Ferguson employee since 1994