INSERT INTO tblcactusclickthroughs (CTR_AgencyID, CTR_ConsultantID, CTR_VacancyID, CTR_AgentsRef, CTR_JobTitle, CTR_LanguageID, CTR_Date) VALUES ('1126', '1464', '13059', 'EJ-322', 'Application Security Analyst', '1', NOW())

Application Security Analyst

Application Security Analyst
The Application Security team is looking for an enthusiastic and highly skilled Application Security Analyst who has a background in security and / or development. Candidates should be comfortable studying complex systems, able to identify application risks and threats, and be willing to recommend appropriate countermeasures. The role involves interacting with development teams to ensure that
production web applications are implemented with security in mind. Typical engagements involves conducting architectural / design reviews, code reviews, penetration tests, tracking new requirements and recommending improvements. The Application Security team is responsible for the security of all applications developed internally or externally.
Responsibilities:
• Understand the architecture of production systems including identifying the security controls in place and how they are used
• Ability to review code of enterprise applications (java/.Net/oracle/SQL) by tracing the execution flow through an application and identifying possible security vulnerabilities or areas of weakness.
• Understand database weaknesses and security best practices
• Ability to evaluate functional and technical specifications early within the software development life
cycle and identify possible threats or areas of weakness based on the documentation.
• Write tools to automate certain security tasks
• Keep understanding of vulnerabilities current
• Understand and provide consultation on using Fortify Source Code Analysis tool to enhance the code review process, integrate with application build scripts, write custom rules and train developers to use
Key Working Relationships:
• Liaise with development managers and quality assurance teams in the planning of projects to ensure security input is given and that security reviews are included in project schedule.
• Ability to work in on multiple concurrent projects with multiple development teams, internal and external.
Core Skills and Knowledge:
• Experience working in the software / security industry
• Security experience from previous projects
• Java code review knowledge or development experience
• Security related qualifications (e.g. CISSP, GSSP, CEH etc)
• Knowledge of various security tools
• Experience administering or securing Oracle databases
• Experience using Fortify to assist with code review process
• Strong understanding of the Web Application threats.
• Knowledge of software development security principles and best practices
• Strong analytical and diagnostic skills
• Expert knowledge of Java, JSP, Struts, .Net, Java Patterns, Spring, HTTP & SQL
• Strong understanding of three tier web applications.

This job vacancy is no longer active.

Please feel free to look at similar jobs below or use our executive job search facility to find the right job for you.