Marriott International - Bethesda, MD

posted about 2 months ago

Full-time - Entry Level
Bethesda, MD
Accommodation

About the position

The Application Security Analyst will assist in monitoring and assessing the security of web applications under the guidance of the Senior Application Security Manager. This role involves supporting the enforcement of security standards, participating in application security risk assessments, and aiding in the documentation and remediation tracking processes. The position is designed to provide hands-on experience in application security within a corporate environment, with a strong focus on learning and development.

Responsibilities

  • Assist in monitoring compliance with security standards and regulatory requirements related to web application security.
  • Assist in tracking and documenting risk mitigation efforts, ensuring timely resolution of identified issues.
  • Support the Senior Manager in tracking and documenting application security risks and remediation efforts.
  • Learn and assist in the use of security tools such as GitHub Advanced Security for basic operations.
  • Work closely with development teams to integrate risk management practices into the software development lifecycle.
  • Gain exposure to security frameworks and standards such as OWASP, under the mentorship of the Senior Manager.
  • Contribute to the development and maintenance of compliance documentation, including policies, procedures, and control frameworks.
  • Aid in the use of project management tools like JIRA to track tasks and projects.
  • Work closely with the Application Security Testing team to understand findings, their relevance and potential impact.
  • Conduct basic vulnerability research under the guidance of the Senior Manager.
  • File tickets with development and security teams, monitor ticket flow, volume, and remediation activities.
  • Participate in audits and assessments to evaluate compliance with internal policies and external regulations.
  • Review Security Researcher findings through the company Bug Bounty program and pursue remediation when issues are validated.

Requirements

  • Bachelor's degree in Cybersecurity or Computer Science or related field or equivalent experience/certification.
  • 0-2+ years of information technology experience including internships.
  • Strong understanding of basic programming concepts and principles.
  • Basic understanding of security testing methodologies, tools, and approaches.
  • Basic understanding of OWASP Top 10 and its implications to software security.
  • Basic understanding of common software development practices and procedures.
  • Basic understanding of the Software Development Lifecycle (SDLC).
  • Proficiency in Microsoft Word, PowerPoint, and Excel.
  • Excellent communication skills.
  • Strong interest in cybersecurity and a willingness to learn on the job.
  • Current information security certification, including: GSEC, GSIF, CySA+, Security+, CEH, GRISC, CISA.
  • Experience in software development (front end or backend developer).
  • Experience with software security testing.
  • Experience working in a regulated environment (e.g., finance, healthcare, government).
  • Experience with conducting risk assessments and developing risk mitigation strategies.
  • Solid understanding of GitHub operations.

Nice-to-haves

  • Experience with software security testing.
  • Experience working in a regulated environment (e.g., finance, healthcare, government).
  • Experience with conducting risk assessments and developing risk mitigation strategies.

Benefits

  • Commuter assistance
  • Paid parental leave
  • Health savings account
  • Employee stock purchase plan
  • Disability insurance
  • Health insurance
  • Flexible spending account
  • Tuition reimbursement
  • Paid time off
  • Adoption assistance
  • Parental leave
  • Employee discount
  • Life insurance
Job Description Matching

Match and compare your resume to any job description

Start Matching
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service