Job Description

Job Title: Application Security Analyst
Job Location: Ohio

Responsibilities:

  • Determine the risk profile of the applications by verifying application controls vs information security policy
  • Leverage and develop technical application security expertise that is required to successfully assess application controls
  • Consult with customers going through and application assessment and provide the correct interpretation of security controls to be implemented
  • Connect and leverage other resources in Information Security to ensure accurate assessment of security controls as needed

Required Qualifications:

  • Working knowledge and experience in the eight domains defined:
    • Secure Software Concepts
    • Secure Software Requirements
    • Secure Software Design
    • Secure Software Implementation/Programming
    • Secure Software Testing
    • Secure Lifecycle Management
    • Software Deployment, Operations, Maintenance
    • Supply Chain and Software Acquisition
  • ERP systems, with preference of SAP: Early watch reports and configurations
  • Network: Reverse proxies, WAFs
  • Identity and Access Management technologies, with a focus on their associated risks
  • Cloud Computing Security: Cloud Access Security Brokers (CASB)
  • Encryption: Symmetric, Asymmetric, and Hashing algorithms
  • Programming Languages and OSS: Java, Python, PHP, C++, UNIX, Windows, Linux, iOS, Android
  • Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field or at least five+ years of relevant experience

Preferred Qualifications:

  • Must have, or be willing to obtain within one year, the Certified Information System Security Professional (CISSP) certification
  • Must have, or be willing to obtain within two years, the Certified Secure Software Lifecycle Professional (CSSLP) certification
  • Leading the end to end scope of the Application Assessment process and engage with other organizations and teams in Information Security and Business
  • Define the success criteria and required areas of expertise in the different Application Teams for success
  • Be competent and continue developing technical master in the technologies and solutions that are relevant in the company and industry to effectively conduct security controls verification
  • Fully accountable for the Application Risk Profile by Control Level for each of the applications assessed
  • Expected to work independently to ensure the sustainably of the assessment process, while engaging internally with other Security Analyst to understand challenges and ultimately to improve the process, and externally with the Application Teams to gather all the required evidences
  • Lean on the front by pro-actively identifying opportunities and anticipating issues that need to be tackled, defined, and pursue with driving the improvement plans

QBH#: 1994

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online