Previous Job
Previous
Senior Application Security Analyst
Ref No.: 18-05593
Location: Wichita, Kansas
Position Type:Direct Placement
Pay Rate : $ 90,000.00 - 110,000.00 /Year
Duties and Responsibilities
  • Identify risks and areas of exposure in applications developed
  • Perform security reviews of source code, stored procedures, and server/service configurations
  • Perform manual and automated security testing of proprietary applications
  • Define and document application security requirements for applications
  • Conduct network and web-based application vulnerability assessments and penetration tests
  • Monitor industry trends and threat landscape and recommend necessary controls or countermeasures
  • Develop and deliver application security training to company software development teams (e.g. secure coding techniques and security best practices)
  • Participate in development of security policies, standards, and processes
  • Participate in incident handling and perform application-related forensics activities
  • Understand applicable company policies, procedures and other job-specific instructive documents and materials
  • Conduct business and perform job duties in a manner consistent with the requirements set forth in all company policies, procedures and other directives, and in compliance with legal and regulatory requirements
  • Complete all compliance training assigned to them to understand the key provisions of law, regulation and internal policies and procedures applicable to their job duties, as well as the impact of noncompliance on the company's reputation and success
  • Raise concerns about any practice(s) believed to be a violation of, or inconsistent with, company policies, procedures or other directives, or in violation of legal or regulatory requirements
  • Monitor processes and procedures to ensure safety and compliance
  • Model the Company's Vision and Values
  • Other duties as assigned
Skills and Experience
  • 3+ years of hands on application security experience
  • Demonstrated performance in delivering results in a fast-paced and highly complex organization
  • Ability to demonstrate a comprehensive application testing methodology
  • Ability to identify security vulnerabilities from source code reviews and testing
  • Hands-on development experience and thorough understanding of ASP.Net, and ASP.Net Core
  • Advanced knowledge of web application technologies (e.g. MVC, Ajax, XML, JSON, SOA, SSL, web related protocols and services)
  • Advanced experience with at least one scripting language (e.g. Perl, Python, PowerShell)
  • Advanced knowledge of common application vulnerabilities, (e.g. XSS, CSRF, SQL injection, cookie / header / encoding manipulation, input/output validation, session replay, etc.)
  • Experience with Web Application Firewalls
  • Working knowledge of TCP/IP ports and protocols
  • Intermediate knowledge of Microsoft SQL
  • Familiarity with Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, and Open Source Security Testing Methodology Manual (OSSTMM)
  • Understands concepts of software development principles and SDLC models
  • Ability to understand and apply knowledge of information systems security concepts (e.g., secure architectures, secure electronic data communications, network security, encryption technologies, and secure credentials management)
  • Ability to work well with other members of the team, peers, and senior management
  • Excellent written and verbal communication skills required
 Education or Equivalent Experience
  • Bachelor's degree in computer science or related field from an accredited college or university required.