Application Security Analyst

Job Title: Application Security Analyst
Job Location –Remote
Duration: Long Term Contract

Required Skills:

• Professional certifications in information technology security; Certified Information System Security Professional (CISSP) preferred
• In depth experience and knowledge of security concepts, threat, threat modeling, vulnerability exploitation, and common website and application vulnerabilities including but not limited to, SQL Injection, Cross-site scripting (XSS) and Session Management
• Experience or knowledge of Fortify, Fortify On-Demand, Web Inspect, Qualys, Visual Studio Team Suite, and Azure; Experience with Microsoft technologies such as C# and ASP.NET, as well as common open source code (Bootstrap, JQuery, Angular, Typescript, etc.)
• Experience with integrating SCA code scanning into the build process and approaches for integration into CI/CD methodologies; experience with DevOps/Agile environments and delivery models
• Code scanning and assessment experience - Manual/Automated/Static/Dynamic using Fortify and Fortify On-Demand
• Background working on large-scale international projects and the ability to manage multiple processes and projects at once
• Bachelor's degree in Computer Science(s), Information Technology/Security, Systems Engineering or similar area.
• 9-12 years of relevant application develop and IT security experience.
• Experience in supporting software application and system code security assessments using automated tools such as Fortify and Fortify On-Demand.
• A holistic understanding of attack vectors, current threats, and remediation strategies.
• Experience with computer forensics practices and procedures, basic investigations, and evidence handling is preferred.
• Able to provide support outside of standard working hours and support international teams with clear and simple written and spoken communications to both technical and non-technical business customers
• Strong written and oral communication skills for effective communication at all organizational levels; attention to detail and pride in well-presented and accurate work
• Customer and business focus and adeptness in interacting with customers to provide process and technical information in response to inquiries, concerns, and requests about processes, products and services
• Conduct the review of software applications and systems from a security and privacy perspective; review and contribute to client’s Standards used in the solution security review process and povide security recommendations and better practices regarding secure software development in waterfall, agile, and DevOps methods.

Job Type: Contract

Salary: $60.00 - $63.00 per hour

Schedule:

• 8 hour shift

Experience:

• ASP.NET (Preferred)
• Application security (Preferred)
• CI/CD (Preferred)

Work Location: Remote