Application Security Analyst II
Horizon Blue Cross Blue Shield of New Jersey
- Newark, NJ
- $84,700-115,605 per year
- Permanent
- Full-time
The Application Security Analyst II will partner with developers to conduct application security assessments. The individual will work closely with technical teams and analyze potential security impacts and pitfalls associated with threats and vulnerabilities to applications and systems. Candidate will advise developers, business owners and technical teams on options to mitigate the risk and accordingly must have excellent verbal, written and interpersonal communication skills. This position reports to the Application Security Manager.
- Perform application code review for security vulnerabilities and practices dangerous to application security and privacy to reduce the security risk to the organization.
- Knowledge of scripting languages (Python, Perl, Ruby) and build automation tools on an ad-hoc basis
- Write and optimize custom rules on automated source code scanning tools
- Communicate vulnerability risks and remediation methods to developers and technical teams
- Write reports including recommendations, root cause analysis, security summary analysis, and project roadmaps
- Research new and emerging threats and incorporate test vectors for detection
- Create and deliver knowledge sharing presentations and documentation to security, developers and operations teams
- Learn on the job and explore new technologies with little supervision to identify new and emerging security threats.
- Requires a minimum of 4 years of professional IT work experience with a Bachelor's degree; or a Master's degree and 2 years of professional work experience; or relevant work experience in lieu of college degree
- Experience reading and understanding code in languages such as HTML5, Java, JavaScript, Objective-C, C++, C#, Python, Perl, etc.
- SANS Certifications
- Programming Certifications
- Secure SDLC
- Common vulnerabilities in the OWASP Top 10 list
- Protocols/technologies such as SOA, HTTP, SSL, LDAP, JDBC, Servlet/JSP, SQL, HTML, XML
- Administration/tuning of Java Application and Java Application Server
- Amazon Web Services (AWS) and/or VMware vCloud and/or Docker
- Ability to understand software design algorithms
- Strong knowledge of one or more of the following programming languages: HTML5, Java, Objective-C, C#, C++, SQL is preferred
- Ability to write scripts in languages such as Python, BASH, or PowerShell for automation preferred
- Ability to read and debug code and understand vulnerabilities in the code