Salary Not Disclosed
Job Overview:
The Sr. Application Security Analyst is responsible for identifying and mitigating security flaws and vulnerabilities in VeritasPay's systems and applications. In this role you will collaborate constantly with the business development and tech units to provide input in defining security/compliance requirements for new initiatives. You will assess the design and architecture of systems by identifying security risks, threats and vulnerabilities, recommending the appropriate security controls, and ensuring that they are in place prior to release.
This position reports to the information security manager, and the successful candidate should be able to work autonomously with minimal supervision. The successful candidate should possess technical skills and knowledge relating to application security and must be able to communicate effectively with both business and tech people. He/she should have a deep understanding of application security threats and vulnerabilities and must be able to translate them into actionable application requirements.
Job Responsibilities:
Collaborate with business development and tech teams and keep up to date with projects and initiatives
Determine security and compliance requirements to support development of secure applications
Identify and document risks, threats and vulnerabilities in applications through risk assessments and recommend appropriate mitigation measures
Implement Privacy by Design (PbD) in applications
Establish procedures and best practices relating to application security
Recommend improvements to the software development process
Advise internal stakeholders on application security
Stay current with new security threats and vulnerabilities
Support compliance initiatives such as PCI DSS and CPOC
Provide support in projects and other security endeavors from time to time
Job Qualifications:
BS/BA in IT or related field (e.g. Computer Science, Network; or 4 years of relevant IT experience)
Minimum 4 years' experience in application security, penetration testing and/or software development
Experience in conducting risk assessments or threat modeling in applications is a big plus
Solid foundational knowledge of security concepts pertaining to web and mobile application security and SDLC
Strong understanding of threats and vulnerabilities in applications and networks
Familiarity with OWASP Top 10, MITRE ATT&CK and similar frameworks
Experience in using application security testing tools (e.g. SAST/DAST) is a plus
Familiarity with data privacy and BSP/AML regulations
Knowledge of or experience with PCI DSS is preferred but not required
Excellent oral and written communication skills
Strong analytical and problem-solving skills
Security and relevant certifications (e.g. Sec+, CEH, CySA+, PenTest+, eJPT) are an advantage
KPIs/KRAs:
Definition of security and compliance requirements
Identification and assessment of security threats and vulnerabilities
Establishment of procedures and guidelines
Full Time