Application Security Analyst

Employment Type: Full-Time


: Miscellaneous

Office: Woodbridge
State: NJ

Description

Reporting to the Senior Information Security Architect, the Application Security Analyst is responsible for identifying application vulnerabilities, assessing their risk, and working with developers, quality assurance analysts, project control officers, scrum masters, and others responsible for the software development lifecycle (SDLC) to remediate, mitigate, or accept the risk of these vulnerabilities. The Analyst will also be responsible for the implementation and maintenance of testing tools and for improving our automated testing processes and reporting.

The Application Security Analyst will interact closely with other Information Security team members, as well as Application Delivery and Technology Operations team members, and Business Owners of applications.

Responsibilities will include:

- Perform risk-based technical assessments of applications using both dynamic and static scanning tools, produce reports, open tickets in work tracking systems (e.g. Jira), and meet with development teams as required.
- Implement, operate and maintain application security tools, such as static application security testing (SAST) and dynamic application security testing (DAST) tools. This includes their integration points with Jira, GRC, and quality assurance systems.
- Work with Management and Application Delivery to develop a formal Application Security Verification Standard.
- Ensure quality web application security audits across IT to ensure internal and industry standards, procedures, and methodologies are being followed.
- Consult with Application Delivery and Technical Operations as required on security designs of applications, questions about vulnerabilities, and remediation approaches.
- Assist with the creation of training materials to educate developers and other stakeholders about key security concepts using a variety of media.
- Keep up to date with industry changes by attending training; understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
- Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments; and proactively addressing internal control concerns and best practices.

Qualifications

- Bachelor's Degree
- 3+ years of application security experience
- 3+ years of development experience
- In-depth knowledge of web application vulnerabilities and exploitation techniques, SDLC, and identity and access management
- Experience in application and infrastructure security practices and standards (such as OWASP, CIS, SDLC)
- Web application development experience in .NET, C#, Java, Python
- Experience reviewing code for vulnerabilities in .NET, Java, C#, JavaScript/jQuery
- Knowledge of white hat hacker tools such as Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Wireshark and source code analyzers
- Familiarity with application security scanning technologies (Veracode, AppScan, Fortify, WebInspect) such as static application security testing (SAST), dynamic application security testing (DAST), single sign-on, and encryption
- Ability to work effectively as part of a cohesive and agile team
- Familiarity with cloud-based (e.g., AWS, Azure) application development services and tools
- Excellent problem-solving skills required
- Self-starter with the ability to work with minimal supervision
- Detailed, control oriented, and thorough
- Excellent communication skills (written, verbal) and the ability to work with both highly technical and non-technical individuals
- Certifications (e.g., GWAPT, CISSP, CCSP) are preferred

Bessemer is committed to creating a diverse and inclusive environment, and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.

Privately owned and independent, Bessemer Trust is a multifamily office that has served individuals and families of substantial wealth for more than 100 years. Through comprehensive investment management, wealth planning, and family office services, we help clients achieve peace of mind for generations. The firm oversees more than $100 billion in assets for approximately 2,200 relationships.
