View Our Website View All Jobs

Pipeline Sr. Product / Application Security Analyst

Job Description:

Work Location: ALPHARETTA GA 30005

Request Title:   Sr. Product / Application Security Analyst

Desired Start Date:         asap

End Date:            7/1/2017

Is this position contract to hire?:              YES

Local Candidate Required?:        YES

 

MANAGER UPDATE: I need candidates with actual software / code testing and software/application security experience. IT Ops centric backgrounds / experience do not fulfill my requirements.

May work from home. Must be based in the greater Atlanta area. 
A “consultative” role and the successful candidate is able analyze security analysis results, interpret risk and aide software product owners in prioritizing remediation efforts. Must have excellent written, oral and presentation skills. Also, fundamental understanding of application development is key.
Day to Day Responsibilities:
- Coordinate and conduct secure development consults aid development teams in prioritizing remediation 
- Analyze application security analysis results (i.e. SAST, IAST, Static Binary/Source Code, Dynamic and Manual Pen Test, etc.) to assess risk and aid in prioritizing remediation efforts
- Consult around use of automated analysis tools (e.g. Veracode, Coverity, etc.) and aid software group on interpreting results and prioritizing remediation strategies
- Consult around secure development standards and best practices (i.e. OWASP, SANS, ISACA, CERT, etc.)
- Fundamental knowledge of various software development methods and methodologies (e.g. Agile, XP, Waterfall, SCRUM, etc.)
- Interpret data and create risk-centric presentations intended for both technical and non-technical audiences 
- Consult around identify and implementing compensating controls
- Interpret policy and consult on specific guidance to achieve adherence 

Additional Skills: Must have some experience with: (1) Create and critically review application / software threat models; (2) Software security vulnerabilities prioritization using models such as DREAD and STRIDE.

Minimum Requirements:
4+ years experience in administering software-centric security controls in an organization

Critical Skills:
Good oral/written communications
Languages: C#.Net, ASP.Net, Java, Objective-C, Javascript, Python, Curl, Perl and Windows PowerShell
Excellent working knowledge of software security standards and development lifecycle methods
Software development and quality assurance testing experience
IT Systems: SharePoint Administration; MS SQL & IIS Administration, and MySQL
High proficiency with MS Office productivity applications and Visio

Additional Knowledge & Skills:
Veracode, Coverity, HP Fortify, Checkmarx, AppScan, WebInspect Analysis solution
HP Quality Center, Jira, Team Foundation Services Development Lifecycle tools
Application lifecycle management capabilities

Education:
4-year degree in computer science or related field or equivalent experience

 

Puja Chawla

Primus Software Corporation

Direct: 678 -466- 6853  | Fax: 770-234-4163

Email: puja.chawla@primussoft.com

Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150