The Children's Place Application Security Analyst in SECAUCUS, New Jersey
As a key member of the Information Security Team, The Application Security Analyst will be responsible for addressing information security requirements during all aspects of the application development process. Key responsibilities include finding, validating, and remediation of security vulnerabilities on strategic development projects. The Application Security Analyst will also be developing security standards, influencing projects during all phases of the SDLC, using application vulnerability assessment tools, and performing code reviews.
Conduct web application security scans, analyze results, prioritize vulnerabilities, and research and propose remediation steps.
Find and assist with remediation of application vulnerabilities by reviewing source code.
Provide quality web application security audits across the various IT functions to ensure quality standards, procedures and methodologies are being followed.
Participate in application design and architecture reviews.
Deliver security training and education to technical staff.
Assist with the current SDLC processes and make recommendations for alignment with future state architecture.
Work closely with development teams, security operations, and PMO to help drive the SDLC strategy.
Monitor and distribute security notifications in adherence with the established notification/security information sharing protocols.
Assist with documenting security policies, standards, and guidelines based on the organization's requirements and compliance objectives.
Facilitate, coordinate, and maintain project schedules, plans, and scope using standard project management methodologies.
Availability to provide off-hours support as needed
Education and Experience:
3-5 years of experience in Information Security
Bachelor’s degree in computer science or related field
Experience with Java, or .NET development platforms
Experience with industry standard application security testing tools such as IBM AppScan, HP Fortify, WebInspect, Burp Suite, etc.
In depth knowledge of web application vulnerabilities and exploitation techniques
Knowledge of OWASP, SDLC, Encryption, Identity and Access Management, data integrity measures
Deep knowledge of integration between Security and System Development Life Cycle
Basic system administration experience with Linux and Windows Operating Systems a plus
Knowledge of scripting a plus
Security-related certifications a plus (CISSP, CEH, OSCP)
Experience with industry standard frameworks, best practices, and compliance regulations (ISO, NIST, PCI, SOX, etc.)
Skills and Behaviors:
Skills in conducting security design reviews and identifying associated vulnerabilities
Reverse engineering techniques to identify security vulnerabilities
Strong analytical and problem-solving skills
Ability to work effectively with people at various levels throughout the organization
Must be able to work well under pressure, grasp new ideas quickly, and think outside the box
Strong multi-tasking skills in a fast-paced environment
Strong team player
Work well independently with minimum supervision
Excellent verbal and written communication and interpersonal skills
External Company Name: Children's Place, Inc., The
External Company URL: http://www.childrensplace.com/