The Application Security Analyst analyzes information security systems and applications in order to find vulnerabilities. Recommends and develops security measures to protect information against unauthorized modification or loss. This position coordinates with development and security teams or third parties to fix system / application vulnerabilities. Additionally this position reports to the Information Security Officer.

DUTIES & RESPONSIBILITIES:

• Performs web application attack & penetration (A&P) testing to find security issue such as risks, defects and logical errors
• Maintain and enhance the documentation standard for discoveries and reporting of malicious tactics, techniques, and procedures tips and tricks for Smart books and established procedures in Run Books
• Acts as a technical advisor and subject matter expert to internal stakeholders and partners
• Maintains a working knowledge of the security capabilities of modern development languages and application design paradigms
• Recommend and coordinate implementation of updates to security assurance policies and standards
• Coordinate third party vulnerability assessments
• Plan and conduct training on security best practices for application developers, architects and testers
• Provide input into the security architecture decisions including technical architecture design and vendor management
• Work with development team and Q/A to maintain development lifecycle documentation, provides integrated systems planning which will enhance current systems and support corporate, business and system goals
• Provide guidance on relevant application security industry standards and practices such as OWASP, SANS, CWE, CWSS, CVE, CVSS, etc
• Help define, develop, and drive the creation and adoption of an application security program
• Provide expertise and guidance to application developers and product management on issues of application security

QUALIFICATIONS:

• Must be authorized to work on W2 without visa sponsorship.
• Must be willing to go on-site 2-3 days per week in Garner, NC
• Familiar with common programming languages (IE: Java, php, Postgres, python, nodeJS, Ruby, html)
• Knowledge of industry standards such as NIST, FISMA, SOC, HIPPA, ISO 27001
• IT Security Certifications such as: CEH, OSCP, CPENT
• Experience with application vulnerability testing tools like, but not limited to, Nessus, Metasploit, Burp, Qualys, Nmap, Kali Linux
• Application Security Assessment
• Minimum 3 years of Application security experience with remediation of SQL injection, buffer overflows, parameter manipulation, cross-site scripting
• 3+ years of progressive experience in web application development with hands on experience implementing application security controls such as Authentication/Authorization, Access Control, Web-Config encryption options
• Knowledge of application security best practice and standards such as SANS, CWE, CWSS, CVE, CVSS, and OWASP top 10 application security risks such as SQL Injection, XSS, etc.

Job Type: Full-time

Pay: $100,000.00 - $135,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance

Compensation package:

• Yearly pay

Experience level:

• 3 years

Schedule:

• 8 hour shift
• Monday to Friday

Ability to commute/relocate:

• Garner, NC 27529: Reliably commute or planning to relocate before starting work (Preferred)

Experience:

• Secure SDLC: 1 year (Preferred)
• OWASP: 1 year (Preferred)

Work Location: Hybrid remote in Garner, NC 27529

Please Note :
epokagency.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, epokagency.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.