Sr. Application Security Analyst (Java)
Company Name:
iTalent LLC
Direct-hire opportunity with a leader in the financial services industry!
Job Purpose
Creates, maintains, and implements information security policies and procedures for large and complex applications, ensuring alignment with IT standards. Provides expert internal consulting services related to application security which includes automated and manual run-time assessments, automated and manual code review, threat modeling, secure SDLC review and development, and secure code training for developers. This position works closely with developers to identify threats and required control points in the application(s).
Essential Job Duties & Responsibilities
Evaluates, tests, recommends, develops, monitors, and maintains information security policies and procedures for large and complex applications.
Ensures that architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall security.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents pertaining to applications.
Investigates and resolves application security incidents and recommends enhancements to improve security.
Develops techniques and procedures for conducting risk assessments and compliance audits, the evaluation and testing applications for possible impact on system security.
Utilizes automated and manual code review techniques to identify application security vulnerabilities.
Works with Software Architects to define best possible security implementation options.
Leads code reviews across a variety of languages and technical platforms.
Documents vulnerabilities and works with developers to mitigate.
Researches and stays up to date on current security technologies, threats and countermeasures, provides analysis and recommendations to management.
Mentors and trains less experienced team members.
Other Duties
Available for incident and implementation management on an as needed basis.
Performs other special projects or duties as assigned.
Qualifications
Job Requirements (Knowledge, Skills & Abilities)
Excellent ability to evaluate technical specifications and identify, document, and explain security vulnerabilities, threats, and risks.
Excellent security testing knowledge, including security test plan creation and execution.
Excellent knowledge and expertise in applicable programming languages.
Excellent knowledge of application security.
Excellent knowledge of code audit vulnerability testing and threat modeling.
Excellent verbal and written communication skills.
Excellent problem-solving and analytical skills with the ability to develop technical and business solutions.
Excellent understanding of System Development Life Cycle methodologies.
Excellent knowledge of Jacksons and/or its affiliates products, regulatory requirements, and business processes.
Excellent knowledge of the supported systems and their interfaces with other systems.
Strong orientation toward customer service.
Demonstrated software testing background.
Ability to lead manual and/or automated test projects using available test frameworks and tools.
Ability to explain and communicate technical concepts with users.
Ability to explain and communicate business concepts with developers.
Ability to successfully manage multiple projects in a changing technical environment.
Ability to collaborate effectively in a team environment to achieve desired results.
Ability to work extended hours as needed.
Education and Experience Required
Bachelors degree or equivalent experience and/or education.
5-8 years of relevant experience required.
5
years java programming experience on mid to large sized projects.
5
years system security specific duties.
CISSP, CSSLP, CISA, or CISM certification strongly preferred or ability to acquire within 3 years.
Financial services and customer service experience preferred.Estimated Salary: $20 to $28 per hour based on qualifications.
iTalent LLC
Direct-hire opportunity with a leader in the financial services industry!
Job Purpose
Creates, maintains, and implements information security policies and procedures for large and complex applications, ensuring alignment with IT standards. Provides expert internal consulting services related to application security which includes automated and manual run-time assessments, automated and manual code review, threat modeling, secure SDLC review and development, and secure code training for developers. This position works closely with developers to identify threats and required control points in the application(s).
Essential Job Duties & Responsibilities
Evaluates, tests, recommends, develops, monitors, and maintains information security policies and procedures for large and complex applications.
Ensures that architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall security.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents pertaining to applications.
Investigates and resolves application security incidents and recommends enhancements to improve security.
Develops techniques and procedures for conducting risk assessments and compliance audits, the evaluation and testing applications for possible impact on system security.
Utilizes automated and manual code review techniques to identify application security vulnerabilities.
Works with Software Architects to define best possible security implementation options.
Leads code reviews across a variety of languages and technical platforms.
Documents vulnerabilities and works with developers to mitigate.
Researches and stays up to date on current security technologies, threats and countermeasures, provides analysis and recommendations to management.
Mentors and trains less experienced team members.
Other Duties
Available for incident and implementation management on an as needed basis.
Performs other special projects or duties as assigned.
Qualifications
Job Requirements (Knowledge, Skills & Abilities)
Excellent ability to evaluate technical specifications and identify, document, and explain security vulnerabilities, threats, and risks.
Excellent security testing knowledge, including security test plan creation and execution.
Excellent knowledge and expertise in applicable programming languages.
Excellent knowledge of application security.
Excellent knowledge of code audit vulnerability testing and threat modeling.
Excellent verbal and written communication skills.
Excellent problem-solving and analytical skills with the ability to develop technical and business solutions.
Excellent understanding of System Development Life Cycle methodologies.
Excellent knowledge of Jacksons and/or its affiliates products, regulatory requirements, and business processes.
Excellent knowledge of the supported systems and their interfaces with other systems.
Strong orientation toward customer service.
Demonstrated software testing background.
Ability to lead manual and/or automated test projects using available test frameworks and tools.
Ability to explain and communicate technical concepts with users.
Ability to explain and communicate business concepts with developers.
Ability to successfully manage multiple projects in a changing technical environment.
Ability to collaborate effectively in a team environment to achieve desired results.
Ability to work extended hours as needed.
Education and Experience Required
Bachelors degree or equivalent experience and/or education.
5-8 years of relevant experience required.
5
years java programming experience on mid to large sized projects.
5
years system security specific duties.
CISSP, CSSLP, CISA, or CISM certification strongly preferred or ability to acquire within 3 years.
Financial services and customer service experience preferred.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
