Application Development Security Analyst
So what does an Application Development Security Analyst really do Think of yourself as someone who will do the application of design reviews, security testing, critical code reviews, remediation and mitigation of audit findings in adherence to standards and safe practices, so not just anyone is qualified for this role! We make sure we get the best of the best, after all, we are a ridiculously good company so we make sure our employees are top notch. So come on, now we need your full concentration because it’s time to imagine what it’s like being an Application Development Security Analyst.
Imagine yourself going to work with one thing on your mind: you will work in support of the Information Security, Applications Development team, and business units In threat modeling on new and existing products and features to help guide security activities, suggesting preferred implementation patterns and identifying areas of security risk for scrutiny. As you tackle your new tasks for the day, you know that it will lead to one thing your department believes in: that you will review implementation code and perform tests on critical products and features; identify security flaws and suggest remediations based from Open Web Application Security Project (OWASP) and other secure Software Development Life Cycle (SDLC) standards and frameworks.
As an Application Development Security Analyst, you will help architect solutions that are inherently secure (Designing, Threat Modeling, Prototyping). You will correctly balance security risk and product advancement. You will provide engineering designs for new software solutions to help mitigate security vulnerabilities. You will implement, test and operate advanced software security techniques in compliance with technical reference architecture. You will perform ongoing security testing, technical assessments and code review to improve software security. You will conduct research on emerging practices, services, protocols, and standards in support of system security and compliance enhancement and development efforts. You will assist the development and maintenance of security operations procedures and processes, as well as work with the business units outside of InfoSec to formally document policies and procedures. You will recommend and support deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises. You will work with security engineers for the optimal configuration of network and host-based security platforms in line with compliance and product requirements. You will provide incident response support as needed in response to information security related events. In the event of security incident response, participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts. You will evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. You will perform other duties as assigned.
So, do you have what it takes to become an Application Development Security Analyst
What is it we’re looking for Well, since this is about application security, we need someone who has at least a bachelor’s degree in MIS/Computer Science or Business and/or a combination of education and relevant experience. We also need someone with 5 years of demonstrated application security experience. Someone with detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation. Someone with strong demonstrated knowledge of web protocols and an in-depth knowledge of Linux/Unix/Windows tools, architecture, and cloud environments. Someone who demonstrated software development proficiency and comprehension of algorithms and processes for programmatic automation via scripting or programming languages (.NET, Python, Ruby, shell, perl, etc.). Someone with a well-rounded background in host, network and application security.
What else We need someone with sound technical writing, documentation, and communication skills. Someone with a strong understanding of enterprise, network, system and application level security issues. Someone who has an understanding of the system hardening processes, tools, guidelines and benchmarks. Someone who has good Project Management skills with the ability to self-starter projects. Someone who has the ability to handle sensitive and/or confidential material and information with suitable discretion. Someone with excellent interpersonal skills and a professional demeanor. Someone who has the ability to travel up to 20% internationally and domestically.
TaskUs is the fastest growing tech-enabled business services company in the world, delivering the customer support, AI operations and content security services that power the world’s most innovative companies. Listed as one of Glassdoor‘s 100 Best Places to Work, USA Today’s Best Company Cultures and Best Companies for Women by Comparably, TaskUs is a Frontline-First company that puts its people at the heart of everything they do.
TaskUs has been recognized as one of the Inc. 500 Fastest Growing Private Companies in America for the past seven years consecutively. Founded in 2008 by Bryce Maddock and Jaspar Weir, the company raised over $250mm in 2018 from the world’s largest private equity firm, Blackstone.
TaskUs currently has over 18,000 employees and offices across the U.S., Philippines, India, Taiwan, and Mexico.
TaskUs, Inc. is an equal opportunity employer.
To find out more visit www.TaskUs.com.