Application Security Associate/Analyst
About The Position
The Application Security Associate or Application Security Analyst position provides leadership for protecting the confidentiality, integrity, and availability of web and/or mobile applications by establishing and enforcing system access controls; defining system security requirements, recommending improvements to system security frameworks, ensuring authorized access to systems through monitoring, performing testing or scanning for security vulnerabilities, and raising security awareness. This role supports business lines such as Pay.gov, Debit Gateway, TCMS/DVS, CIR, eCommerce and any potential future business lines, which are owned by the Department of Treasury’s Bureau of the Fiscal Service.
Requirements
- Application Security Associate: Associates degree and 2 years of related work experience OR Bachelor’s degree and no prior related work experience
- Application Security Analyst: Associates degree and 5 years of related work experience OR Bachelor’s degree and 3 years of related work experience OR Master’s degree and 0-1 year of related work experience
- Ability to analyze highly complex business requirements.
- Thorough understanding of industry based security controls relating to applications, services, and systems.
- Knowledge of cloud-based platforms and technologies.
- Thorough understanding of security controls relating to access control, authentication, and auditing.
- Demonstrated knowledge and understanding of information security industry trends and emerging technologies, especially relating to application security vulnerabilities.
- Proficient at testing web application for security vulnerabilities, such as those listed in the Open Web Application Security Project (OWASP) Top 10 and familiar with the tools used for testing.
- Candidates must be a U.S. citizen.
Responsibilities
- Identify security related issues and define security requirements during all phases of the application development lifecycle.
- Review program/development documents to ensure adherence to secure coding standards, guidelines and security requirements.
- Coordinate with developers to ensure secure and resilient design, prototyping, development, testing, support, and documentation of moderately complex application software.
- Monitor for atypical usage of information system accounts and other abnormalities to identify possible breaches.
- Assist with FISMA initiatives, e.g., updating security plans, to support ISSO responsibilities.
- Coordinate the identification of security-related issues and definition of security requirements during all phases of the software development lifecycle (SDLC).
- Perform penetration testing activities to ensure web vulnerabilities are not present within Treasury Services applications.
- Conducts analysis and interpreting of cybersecurity trends and emerging risks, quantifies potential impact, and develops conclusions and recommended application security responses.
- Performs other duties as assigned or requested.
Benefits
- Benefits to support overall health and financial security.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
Education Level
Associate degree
