Senior Application Security Analyst

Paramus, NJ

Posted: 05/14/2018 Employment Type: Direct Hire Job Number: 277 Pay Rate: 130,000

Job Description

Job Summary:

As a key member of the Information Security Team, the Sr. Application Security analyst will be responsible for performing security testing and providing remediation guidance for application vulnerabilities across the landscape. Key responsibilities include development of security standards as part of the overall Software Development Life Cycle (SDLC) process, code reviews, and using application vulnerability assessment tools for static and dynamic code analysis.

Operations support includes the creation of formal documentation, secure code training, and providing recommendations for security improvements. This role will require the individual to multitask and serve as a technical point-of-contact for application security. The role requires occasional off hours support and on-call rotation.

  • Partner with various stakeholders, including application development teams, PMO, and security operations to drive the Secure SDLC strategy.
  • Lead and facilitate secure application design and architecture reviews.
  • Conduct application security assessments and penetration tests on web applications, web services, and mobile applications.
  • Utilize various commercial and open source tools to conduct periodic static code analysis and dynamic scans.
  • Find, validate, and drive remediation of security vulnerabilities, configuration issues, and flaws on application code.
  • Prioritize vulnerabilities and research and propose remediation steps.
  • Educate developers on secure development and coding best practices.
  • Create formal documentation for project planning, builds, and Operations and Maintenance.

Desired Certifications:
  • Industry security and systems certifications (GIAC-GWEB, CISSP, CEH, GCIH, etc.)
  • ITIL Certified and or able to obtain ITIL Foundations Certifications within the next 3 months

Technical Skills:
  • Software development experience in one or more of the following core languages: Java, .NET, PHP, Javascript, Python.
  • Experience with industry standard application security testing tools such as IBM AppScan, HP Fortify, WebInspect, Burp Suite, etc.
  • Strong understanding of OWASP Top 10 and other similar frameworks.
  • Experience with Agile/SCRUM software development models.
  • Expert understanding of Software Development Life Cycle.
  • Knowledge of web related technologies (web applications, web services, and service oriented architectures) and of network/web related protocols.
  • Incident Response experience.
  • Basic experience with server operating systems including Microsoft Windows, Red Hat Enterprise Linux, etc.
  • Understanding of Database Systems including MS SQL, MySQL, Oracle, etc.

Non-Technical Skills:
  • Excellent teamwork skills; written and oral communication skills. Excellent formal documentation skills


Meet Your Recruiter

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.

Textbox Section