Application Security Analyst

job summary:

The successful individual will leverage their proficiency in Information Security to...



  • Evaluate application environments to ensure they are being designed and deployed in compliance with InfoSec standards and industry best practices. This includes performing security assessments, conducting risk analysis, reporting security findings and recommending corrective actions for the relevant operational teams.
  • He or she will work with developers, architects, project leads/managers, business analysts, and others to determine security requirements for projects and ensure that these requirements are met as part of the software development lifecycle.
  • He or she will work alongside IT partners such as developers, architects, project leads/managers, and business analysts, and act as the "go to" individual for all security questions, concerns, and guidance. He or she will also develop and present training material on security-related topics, and develop application security-related development standards & controls alongside other governance and architecture teams.
  • The analyst will be granted access to industry-leading security tools and, together with other InfoSec members, will be responsible for their administration and maintenance.
  • The ideal candidate must be able to work independently and have solid project management skills.

The key responsibilities of the role are:



  • Serve as a Subject Matter Expert (SME) in the field of application security
  • Conduct dynamic & static code reviews
  • Act to integrate application/software security tools within existing development processes
  • Assist with the planning and execution of application penetration tests
  • Identify and help resolve false positive findings in security assessment results
  • Generate reports on assessment findings and help guide and track remediation tasks
  • Assist with formulation and distribution of security metrics that demonstrate assessment coverage and remediation effectiveness

Required Skills:



  • Solid understanding of secure coding principles (OWASP Top 10)
  • 2-4 years' experience with application security tools like IBM AppScan, Metasploit, WebInspect, Burp, Veracode, Checkmarx, etc.
  • Familiarity with widely used application development tools & languages (e.g. .NET, Java, Xcode, etc.)
  • Strong critical thinking and problem solving skills
  • Excellent written and oral communications skills
  • Ability to understand business needs and commitment to delivering high-quality, prompt, and efficient service to the business

Typical Education and Experience:



  • BS in Computer Science, Information Security, or a related field
  • 2-4 years of past experience in information security, especially in an analyst role
  • Industry Certifications such as CISSP, CISM, CISA, CEH are considered a plus

 
location: Carlstadt, New Jersey
job type: Permanent
work hours: 9 to 5
education: No Degree Required
 

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.



Company Description:

Randstad is a $22.5 billion global provider of HR services and the second largest staffing organization in the world. From temporary staffing to permanent placement to in-house, professionals, search & selection, and HR Solutions, Randstad holds top positions around the world and has approximately 31,100 corporate employees working from its nearly 4,700 branches and in-house locations in 40 countries.


We are a company built on a deep network of expertise that crosses industries and geographies. We recognize that talent comes in different forms, that every business has its unique challenges and opportunities. And our recruiting experts are skilled at marrying talent and business—identifying the ideal professionals for an organization’s culture and its teams, its needs and its goals.




Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.