Application Security Analyst (15 Months Term)
Kinaxis · Posted: August 18, 2023 · Hybrid
About the position
The Application Security Analyst is responsible for identifying and remediating security flaws in Kinaxis' software applications and digital services. They will work closely with stakeholders across the business to implement security solutions and controls, mitigate cyber risks, and respond to incidents. The candidate will also be involved in the development and maintenance of the company's information security infrastructure, ensuring best practice control objectives are achieved. They should have a background in information security, experience in identifying and mitigating risks to software applications, and technical skills relevant to application security.
Responsibilities
- Identify information security risks at the application level and proactively mitigate them
- Integrate static and/or dynamic code analysis tools into the software development life cycle
- Establish a governance process for software developers to follow secure development principles and best practices
- Conduct vulnerability and penetration tests on defined systems
- Identify and propose key application security priorities, initiatives, plans, practices, and tools
- Provide guidance and recommendations on prioritizing investments and projects to mitigate risks and reduce vulnerabilities
- Collaborate with stakeholders to ensure information security risks are considered in ongoing and planned operations and compliance matters are adhered to
- Monitor application security trends and keep senior management informed about related issues and implications
- Participate in the security incident response process
- Assist with disaster recovery and business continuity planning
- Perform technical risk assessments and reviews of new and existing applications and systems
- Assist with emergencies and incident response after hours if needed
- Have an education background in Information Security, Computer Science, Information Management Systems, or equivalent
- Have 4+ years of experience in identifying and mitigating risks to software applications
- Possess technical skills relevant to application security, such as secure coding standards, application security testing, Java programming, ethical hacking techniques, cloud security architecture, and vulnerability and threat management
- Have hands-on experience with vulnerability management and penetration testing tools
- Have two years of hands-on experience in Information Security Auditing
- Be familiar with Information Security industry standards, best practices, and relevant regulations
Requirements
- Education background in Information Security, Computer Science, Information Management Systems, or equivalent
- 4+ years of experience identifying and mitigating risks to software applications; high-tech, global environment preferred
- Technical skills relevant to Application Security such as secure coding standards, application security testing, Java programming, ethical hacking techniques, cloud security architecture, vulnerability and threat management
- Hands-on experience with vulnerability management and penetration testing tools (e.g. NMAP, Nessus, Burp, ZAP, Nexpose, BackTrack, Kali Linux, Metasploit, etc.)
- Two years of hands-on experience in Information Security Auditing
- Familiarity with Information Security industry standards/best practices and relevant regulations
Benefits
- Challenging work solving highly complex problems
- Opportunity to innovate and bring forward best ideas
- Great people and a culture of celebration, laughter, and fun
- Global impact and inspiration from the work's effect on colleagues, customers, communities, and the world
- Commitment to diversity, equity, and inclusion
- Accessible website and application process