The Security Analyst will work with development teams to review application source code for security and operational risks as well as perform manual code reviews, provide security documentation and guidance to development teams on security flaws. Other duties include:
- Performs application security assessments and remediation activities as part of the application security program.
- Guides and performs security activities including vulnerability testing and analysis, code review, static and dynamic code testing.
- Makes recommendations on toolset modifications and improvements, improvements on development processes and production application security support
- Evangelizes application security program fundamentals, tools, processes
- Ensures teams are validating for OWASP and performing industry leading application security practices.
- Experience in static security testing, dynamic security testing, and open source security testing. Background with application security assessments
- Experience in application technology security testing (white box, black box and code review)
- Some system administration and scripting experience with at least SQL databases (PL/SQL Scripting, Qik and Oracle Database Tools are a plus)
- Outstanding communication, analytical skills and ability to function in a globally diverse work environment
- Proficiency in performing secure code assessments, and in defining treatment strategies
Education and Experience:
- Bachelor’s degree in Computer Science or related field or equivalent experience/certification
- Application Security: 3 years (Required)
- 3 years working as a frontend or backend software developer
- Has worked as a developer on a team
- Knowledge of at least one compiled programming language
- Knowledge of at least one interpreted programming language