Sr. Application Security Analyst

Come, be part of our Tapestry.
Defined by inclusivity rather than exclusivity, Tapestry is a global house of brands that embraces the exploration of individuality. Every individual in our global house has the opportunity to make an impact, learn and be part of our growing, beautiful, and unique story.
At Tapestry, we have the freedom to express ourselves and run with our best ideas across Coach, Kate Spade New York, and Stuart Weitzman. We share a profound belief in both our individual and collective potential, and know that with hard work and dedication, anything is possible.
The successful individual will leverage their proficiency in Information Security to...
Evaluating application environments to ensure they are being designed and deployed in compliance with InfoSec standards and industry best practices. This includes performing security assessments, conducting risk analysis, reporting security findings and recommending corrective actions for the relevant operational teams.
He/or She will work with developers, architects, project leads/managers, business analysts, and others, in determining security requirements for projects and ensures that these requirements are met as part of the software development lifecycle.
He/or She will work alongside IT partners such as developers, architects, project leads/managers, business analysts, and act as the "go to" individual for all security questions, concerns, and guidance. Develop and present training material on security-related topics, and develop application security-related development standards & control alongside other governance and architecture teams.
The analyst will be granted access to industry leading security tools and among other Infosec members will be responsible for the administration and maintenance.
The ideal candidate must be able to work independently and have solid project management skills.
The key responsibilities of the role are:
Serve as a Subject Matter Expert (SME) in the field of application security
Conducting dynamic & Static code reviews
Act to integrate application/software security tools within existing development processes
Assist with the planning and execution of application penetration tests
Identify and help resolve false positive findings in security assessment results
Generate reports on assessment findings and help guide and track remediation tasks
Assist with formulation and distribution of security metrics that demonstrate assessment coverage and remediation effectiveness
Required Skills:
Solid understanding of secure coding principles (OWASP Top 10)
2-4 years experience with Application Security Tools like IBM AppScan, Metaspolit, WebInspect, Burp, Veracode, Checkmarx, etc.
Familiarity with widely used application development tools & languages (ex. .Net, JAVA, XCode, etc.)
Strong critical thinking and problem solving skills
Excellent written and oral communications skills
Ability to understand business needs and commitment to delivering high-quality, prompt, and efficient service to the business
Typical Education and Experience:
BS in Computer Science, Information Security, or a related field
2-4 years of past experience in information security, especially in an analyst role
Industry Certifications such as CISSP, CISM, CISA, CEH are considered a plus
Tapestry, Inc. is an equal opportunity and affirmative action employer and we pride ourselves on hiring and developing the best people. All employment decisions (including recruitment, hiring, promotion, compensation, transfer, training, discipline and termination) are based on the applicant's or employee's qualifications as they relate to the requirements of the position under consideration. These decisions are made without regard to age, sex, sexual orientation, gender identity, genetic characteristics, race, color, creed, religion, ethnicity, national origin, alienage, citizenship, disability, marital status, military status, pregnancy, or any other legally-recognized protected basis prohibited by applicable law. #LI-AH1 Visit Tapestry, Inc. at http://www.tapestry.com/
Req ID: 41229
Nearest Major Market: New York City
Nearest Secondary Market: Newark

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Application Security Analyst
Whitehouse Station, NJ Chubb
IT Application Support Analyst - Treasury Risk
Weehawken, NJ Ubs
Sr. Data Quality Analyst
Hoboken, NJ Pearson
Sr. Quantitative Finance Analyst
Jersey City, NJ Bank of America Corporation
Store Applications Support Analyst
Beverly, NJ Burlington Coat Factory Corporation