JOB FUNCTION / PURPOSE: The CyberSecurity Application Analyst will perform application security assessments, Software Development Lifecycle (SDLC) consulting, review of code scans and adheres to procedures to mitigate vulnerabilities. The Analyst will work with programming staff as an independent resource to help ensure adherence to application security coding standards fashioned by Open Web Application Security Project (OWASP). The Analyst will coordinate and facilitate periodic application vulnerability scans against existing and new code, and will work with affected teams to achieve remediation of risk. The Analyst will help promote a risk based culture that securely enables the business in alignment with the Bank’s strategic goals.
QUALIFICATIONS: - Associate’s Degree in Information Systems/ Information Technology or Computer Technology related field. Equivalent experience will be considered. - Two ( 2) years’ experience with programming languages (e.g. Java, .NET C#) - Familiarity of Open Web Application Security Project (OWASP) tools and methodologies, preferred. - Basic knowledge of common Software Development Lifecycle Consulting (SDLC) Practices, preferred. - Familiarity with common code review methods and standards. - Must possess strong analytical skills - Ability to work in teams and independently - Strong technical documentation skills - Willing to engage in ongoing application security related training (i.e. SANS, CERT, ISSA, etc.)
PRINCIPAL ACTIVITIES / OBJECTIVES: - Review of code scans generated by scanning software. - Completes periodic scanning of application code using scanning software - Ensures security vulnerabilities are remediated in a timely fashion. - Communicates task status to Cyber Security Applicat ions Officer regularly. - Provides insight into risk assessments of application coding. - Develop and track ongoing application security metrics.
Benefits: Full-time employees are eligible for a comprehensive benefits package including medical, dental, vision, 401(k) with immediate vesting, tuition reimbursement and gym membership reimbursement.