Sr. Application Security Analyst

Location: San Antonio, TX, United States
Date Posted: 06-11-2018
We are seeking a Sr. Application Security Engineer to evaluate, design, monitor, administer and/or implement Information Security systems, policies and processes focusing on mitigating, reporting and analyzing web, mobile, server and desktop applications and systems. .This is a full time position with a stable company which offers outstanding benefits.
  • Integrates information security systems software and hardware. Performs routine and complex end to end support of a variety of security users and applications.
  • Performs development and maintenance activities for security applications and tools. Troubleshoots complex systems and networking problems. Performs investigative research, analysis and troubleshooting to identify, resolve, and report highly complex security issues. May evaluate and monitor system or tool performance.
  • Monitors system and network configurations to ensure compliance with information security policies, standards and procedures. Performs technical evaluations and testing of security hardware and software.
  • Identifies operational inefficiencies and potential risks, executes and improves operational processes and mitigates risk. Defines and adjusts processes required to detect, analyze, and respond to security incidents.
  • Processes requests to design, modify and grant security accesses, and other security requests as assigned. Provides guidance to team on complex role provisioning scenarios.
  • Performs routine and complex project support for security and infrastructure efforts. May provide audit support. Provides technical guidance to the IT department about risks and control measures associated with new technologies.
  • Collects, compiles, and generates information security reports on system and network accesses. Reports and prepares briefing packages for presentation to customers, management and senior leadership.
  • May perform network and host-based penetration testing using internal and commercially available tools and/or coordinate and manage third party penetration testing activities
 Minimum Requirements
  • Bachelor's degree OR 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.
  • 4+ years experience developing and implementing Information Security Applications.
  • Proficient knowledge of Information Security technical discipline
  • Hands-on application development (four years) and application security (two years) experience in multi-tier systems using Java/J2EE and/or C#/.NET. 
  • Experience in: defining application security standards and requirements, performing risk assessments of cloud vendors and implementations, facilitating threat modeling, and defining mitigating controls;  common application security tools (Fortify, AppScan, WebInspect, Burp Suite, etc.); implementing security within a continuous integration pipeline (highly preferred)
  • Well versed with exploitation techniques and common security flaws in: web applications, mobile applications, Cloud applications (SaaS, PaaS, IaaS)
  • Proven ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner

For more information, please apply below or contact us
this job portal is powered by CATS