Sr. Application Security Analyst

Temp

Synergis IT

Sr. Application Security Analyst
New York, NY
Apply Now

Sr. Application Security Analyst

Long-term Contract

New York City

 

Position Description: The Senior Analyst

AppSec Remediation leads web application security remediation initiatives for the CyberSecurity Office and serves as an active member of teams that define the application security strategy. A combination of technical acumen and creative thinking is necessary to address matters of threat identification and mitigation. Unlike other security organizations, a consultative and collaborative mindset is of paramount importance. While this job does not have formal personnel management responsibilities, the Senior Analyst is expected to lead and mentor team members and those in other technical roles who are critical to the successful delivery of the cybersecurity strategy. The successful individual will:

• Serve as a subject matter expert for all matters relating to remediation of web application security vulnerabilities and container security vulnerabilities

• Leverage a combination of tools such as static analysis (SAST), dynamic analysis (DAST), container registry scanners to identify web application vulnerabilities, vulnerable dependencies, and vulnerabilities within source code • Consult with various development teams to facilitate the closure of web application vulnerabilities

• Own the remediation of security vulnerabilities identified through bug bounty programs.

• Demonstrate how to exploit vulnerabilities for the purpose of internal research and assisting with remediation efforts

• Stay apprised of security risks associated with frameworks such as PHP, Java, JavaScript, Ruby on Rails, and .NET • Stay apprised of security risks with Content Management Systems such as Drupal, WordPress, and in-house developed CMS.

• Develop capabilities necessary to monitor and detect web application attacks using web application firewalls, security scripts, tools, and services Other Responsibilities

• Provide impeccable customer service while working with IT, Legal, Finance, Internal Audit and others

• Understands vulnerabilities at an application, database, operating system and network level • Provide technical input to security risk assessments

• Lead multiple complex projects and initiatives and use discretion when negotiating priorities

Qualifications:

• At least 5 years experience in information technology with a minimum 2 years information security experience.

• 1 year experience with identifying vulnerabilities associated with the OWASP Top 10.

• Security certification: CISSP AND/OR CEH

• Must have experience working with Information Security programs.

• Must have experience with security vulnerability scanners and application scanners (e.g. Qualys, Whitehat Security, and IBM AppScan).

• Must be proficient with Linux administration and scripting

• Must fully understand the OSI model, routing and network security

• Demonstrated ability to successfully perform analysis, support, training, reporting, testing, and project management across multiple, complex system implementations with custom and third-party applications

• Advanced problem solving and analytical skills 

If you are interested in learning more about this opportunity, please reach out to Rebecca Berry at 770-346-7224 or rberry@synergishr.com

Apply Now

Tagged as: Sr. Application Security Analyst New York NY