We are looking for an Application Security Analyst, who enjoys security work and possesses some expertise in the information security and data privacy space, to be part of currently expanding Information Security, Privacy & Compliance initiatives within Information Security & Data Privacy Office.
This is a great opportunity for developing a high level career. The candidates will work in a highly motivating environment, which encourages team spirit, cooperation and continuous learning, as a member of a very competent team.
The Application Security Analyst helps improve and maintain the Omilia application security program by serving and providing experienced guidance pertaining to secure software development, design and testing.
The resource will partner with DevOps, Engineering and Delivery teams to educate, evangelise, and validate secure development practices.
The right candidate should have experience with secure software development design principles and secure testing is required for this position :
Perform security activities, including security design reviews, threat modeling, code auditing on internally & externally developed software
Govern automated secure coding tools and processes (SAST, DAST)
Provide Application Security guidance and training to developers and testers for building resilient products
Perform penetration testing against web applications and hosting infrastructure
Produce security reports pertaining to vulnerability metrics found in testing efforts
Operate as incident responder for triage pertaining to web-based vulnerabilities
Manage 3rd-party security assessments for applications and infrastructure
Leverage experience and understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST)
Build, maintain, and enforce application security development policies, procedures & standards
Continuously improve program influence of modern application security principles in an Agile methodology
The Application Security Analyst background should include :
A minimum of 3 years of experience working in a Software Engineering role
A minimum of 2 years of experience working in Static and Dynamic Code Analysis and Software Vulnerability Assessment