Sr. Application Security Analyst
Company: Benjamin Moore & Co.
Posted on: November 16, 2021
** NOW OFFERING REMOTE/VIRTUAL FRIDAYS FOR ALL MONTVALE-BASED
POSTIONSAs a key member of the BMC Information Security Team, the
Sr. Application Security analyst will be responsible for performing
security testing and providing remediation guidance for application
vulnerabilities across the BMC landscape. Key responsibilities
include development of security standards as part of the overall
Software Development Life Cycle (SDLC) process, code reviews, and
using application vulnerability assessment tools for static and
dynamic code analysis.Operations support includes the creation of
formal documentation, secure code training, and providing
recommendations for security improvements. This role will require
the individual to multitask and serve as a technical
point-of-contact for application security. The role requires
occasional off hours support and on-call
- Partner with various stakeholders, including application
development teams, PMO, and security operations to drive the Secure
- Lead and facilitate secure application design and architecture
- Conduct application security assessments and penetration tests
on web applications, web services, and mobile applications.
- Utilize various commercial and open source tools to conduct
periodic static code analysis and dynamic scans.
- Find, validate, and drive remediation of security
vulnerabilities, configuration issues, and flaws on application
- Prioritize vulnerabilities and research and propose remediation
- Create formal documentation for project planning, builds, and
Operations and Maintenance.
- Educate developers on secure development and coding best
- Assist with monitoring activities using various industry
standard security tools (e.g., SIEM, DLP, etc.) to identify
potential security related issues.
- Participate in and lead product selection, vendor evaluations,
and implementations of security technologies.Desired Certifications
- Industry security and systems certifications (GIAC-GWEB, CISSP,
CEH, GCIH, etc.)
- ITIL Certified and or able to obtain ITIL Foundations
Certifications within the next 3 monthsTechnical Skills
- Software development experience in one or more of the following
- Experience with industry standard application security testing
tools such as White Hat, IBM AppScan, HP Fortify, WebInspect, Burp
- Strong understanding of OWASP Top 10 and other similar
- Experience with Agile/SCRUM software development models.
- Expert understanding of Software Development Life Cycle.
- Knowledge of web related technologies (web applications, web
services, and service oriented architectures) and of network/web
- Incident Response experience.
- Basic experience with server operating systems including
Microsoft Windows, Red Hat Enterprise Linux, etc.
- Understanding of Database Systems including MS SQL, MySQL,
Oracle, etc.Non-Technical Skills:Excellent teamwork skills; written
and oral communication skills. Excellent formal documentation
Keywords: Benjamin Moore & Co., Tenafly , Sr. Application Security Analyst, Professions , Montvale, New Jersey
Didn't find what you're looking for? Search again!