Security Analyst

This job is no longer active. View similar jobs.

POST DATE 9/10/2016
END DATE 10/9/2016

Digital Intelligence Systems, LLC Little Canada, MN

Company
Digital Intelligence Systems, LLC
Job Classification
Full Time
Company Ref #
J3F4KX6W5G12977Z9M5
AJE Ref #
576131609
Location
Little Canada, MN
Experience
Mid-Career (2 - 15 years)
Job Type
Regular
Education
Bachelors Degree

JOB DESCRIPTION

APPLY
Job Snapshot

CATEGORY: Information Technology
EMPLOYEE TYPE: Contractor

LOCATION: US-MN-Little Canada
EXPERIENCE: Not Specified

CATEGORY: Information Technology
EMPLOYEE TYPE: Contractor
LOCATION: US-MN-Little Canada
EXPERIENCE: Not Specified

Job Description

*** 12 month contract

The Application Security Analyst will be responsible for identifying security risks or 3rd Party developed web/mobile applications, including, but not limited to data protection, application vulnerabilities and business risks. Responsibilities include assisting in implementing an application security program, evaluating ongoing risk and vulnerabilities through scanning and penetration testing techniques, and working with application developers to implement appropriate security measures for web/mobile applications.

Job Duties:
Perform security risk assessments of web & mobile applications across multiple platforms leveraging manual penetration testing techniques and security tools.
Manage/Operate security testing tools including but not limited to, source code review tools like HP Fortify, dynamic scanning tools like Qualys WAS/Accunetix/Burp Suite and other similar products
Assist in the implementation and execution of the secure SDLC process.
Train Application Developers for secure coding practices
Be responsible for security touch-points within the SDLC, from security requirements through implementation, testing and deployment.
Recommend suitable solutions to address vulnerabilities in applications by interpreting test reports
Track and manage all application security remediation activities
Represent the Security organization in cross-functional or special projects and new initiatives as assigned
Research and Report on security vulnerabilities and latest advancements in vulnerability assessment technologies and application security
Coordinate with internal application development teams and communicate technical security concepts in business terms.
Provides effective written and verbal communications.
Understand compliance requirements that may impact security and work with business areas and project teams to develop security solutions that address these requirements.
Complies with U.S. Food and Drug Administration (FDA) regulations, other regulatory requirements, Company policies, operating procedures, processes, and task assignments. Maintains positive and cooperative
communications and collaboration with all levels of employees, customers, contractors, and vendors.
Performs other related duties and responsibilities, on occasion, as assigned.
Equipment: List the type of equipment the incumbent will utilize in this position.
Works with standard office equipment such as telephone, cellular phone, fax/copier, and a personal computer with standard office software.

Job Requirements
General Qualifications

Bachelor's degree in Computer Science, MIS, Information Assurance, or related field. Equivalent combinations of education and work experience may be considered.
5+ years of experience in software development/application security testing. In-depth experience with tools such as HP Fortify, Accunetix, Burp Suite is preferred.
Certificate in CISSP / CISA / CISM / GIAC Web Application Penetration Tester (GWAPT) / GIAC
Intermediate Web and Mobile technology knowledge (i.e., HTTP, HTML, SQL, IOS, Android)
Competent with application level security controls e.g. authorization and access control, session management, cross site scripting, command injection Flaws, buffer overflows, web application and server
configurations
Strong knowledge of IT security frameworks (ISO, NIST etc.) and related processes
Strong knowledge of application security & OWASP framework
Energetic team player with strong initiative, team orientation and good problem solving skills.
Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner, and be able to meet assigned deadlines and service levels.
Demonstrated interpersonal skills, including the ability to listen, resolve problems, deal with unresolved issues, delays and unexpected events, and the ability to effectively communicate and maintain rapport with
supported customers.
Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, user).
Able to understand and leverage the IT and business vision and strategy to support solution definition
Able to professionally represent the Security function to key business stakeholders
Ability to work in a highly matrixed and geographically diverse business environment.
Ability to work within a team and as an individual contributor in a fast-paced, changing environment.
Ability to leverage and/or engage others to accomplish projects.
Ability to travel approximately 10%, including internationally.
Ability to maintain regular and predictable attendance.

Digital Intelligence Systems, LLC. is an Equal Opportunity Employer, M/F/D/V. Email recruitinghelp @ disys.com to contact us if you are an individual with a disability and require accommodation in the application process.