Application Onboarding Analyst

About The Position

Requirements

• 5+ years of experience in Application Security & Industry Standards (OWASP, NIST)
• 5+ years of experience in Secured Software Development Life Cycle (SSDLC)
• 5+ years of experience in Threat Modelling & Risk Assessments
• 5+ years of experience in Application Scanning for Vulnerabilities (SAST, DAST)
• 5+ years of experience in Integration of Security in CI/CD Pipeline, DevOps, Dev SecOps (Azure, Jenkins)
• 5+ years of experience in API Security & Access Controls (OAuth, SAML, SSO)
• 5+ years of experience in Cloud Security
• 5+ years of experience in Agile Environment Collaboration
• 5+ years of experience in Project Management
• 5+ years of experience in Cross-Functional Team Collaboration
• 5+ years of experience in Client Engagement & Communication
• 5+ years of experience with Operating Systems: Windows Server, Apache, Microsoft IIS, Windows, Linux, VMware, Citrix
• 5+ years of experience with Technology Stack: ASP, .NET, Visual Basic.NET, Visual Basic, Cold Fusion, JavaScript, HTML, C++, C#, MS PowerApps, Python, Powershell, Shell Scripting, Selenium
• 5+ years of experience with Security Tools — Must Have: VERACODE, IBM Appscan, SD Elements, Burp Suite

Nice To Haves

• 5+ years of experience with Security Tools — Plus to Have: CHEKMARX, Fortify, Prowler, SonarQube, SNYK, Wireshark, OWASP ZAP, Rapid7, STRIDE

Responsibilities

• Evaluate and scope applications with the application development teams to identify criticality of the application and identify data sources and elements.
• Enforce application security requirements
• Evaluate application architecture to identify gaps in infrastructure security
• Create and enforce standards for use of Firewalls, WAF, Identity Management and Multi Factor Authentication
• Onboard Applications to Threat Modeler and Vulnerability Scanners
• Configure Applications on Vulnerability Scanners to perform Static and Dynamic Scans
• Configure and generate application vulnerability scan reports