Application Security Associate
ZAR IT Solutions
Tampa, FL
Application Security Associate
ZAR IT Solutions
Tampa, FL
- Other
Job Description
Location: Tampa or Dallas-hybrid
Business Unit Description
Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.
The Technology Risk Management department is responsible for setting strategic direction in the areas of IT Risk and Information Security. They are accountable for maintaining CLIENT's corporate security policies and control standards and acting as an operational arm for monitoring threat intelligence.
Position Summary
The Application Security Associate is responsible for the security testing and risk analysis of CLIENT’s applications using various application security tools. Interaction with CLIENT developers (Application Development (AD)) to provide guidance, best practices and technical assistance in remediating application security issues will be part of the responsibilities. The individual should possess strong application software expertise, along with excellent communication, and organizational skills.
Specific Responsibilities
• Perform Ethical Application Penetration Testing (EAPT) on web applications and APIs.
• Coordinate with application development teams to collect the application details.
• Provide the vulnerability information in the predefined report format after performing the App Pentest using manual methodology and App Pentest tools such as Burp Suite and Web Inspect
• Provide assistance to the developers in detailing the vulnerabilities reported along with the recommendations for remediation
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately
Leadership Competencies for this level include
• Accountability: Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals.
• Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
• Communication: Articulates information clearly and presents information effectively and confidently when working with others.
• Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas.
• Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.
Qualifications
• Minimum of 5 years of experience in application penetration testing
• Bachelor's degree is desirable
• Minimum of 3 years of experience in App Pentest tools such as Burp Suite and WebInspect
• Certified in OSCP or GWAPT
Business Unit Description
Our Risk Management teams work to protect the safety and soundness of our systems and are responsible for identifying, managing, measuring and mitigating a spectrum of key risk types including credit, market, liquidity, systemic, operational and technology in all existing and new products, activities, processes and systems.
The Technology Risk Management department is responsible for setting strategic direction in the areas of IT Risk and Information Security. They are accountable for maintaining CLIENT's corporate security policies and control standards and acting as an operational arm for monitoring threat intelligence.
Position Summary
The Application Security Associate is responsible for the security testing and risk analysis of CLIENT’s applications using various application security tools. Interaction with CLIENT developers (Application Development (AD)) to provide guidance, best practices and technical assistance in remediating application security issues will be part of the responsibilities. The individual should possess strong application software expertise, along with excellent communication, and organizational skills.
Specific Responsibilities
• Perform Ethical Application Penetration Testing (EAPT) on web applications and APIs.
• Coordinate with application development teams to collect the application details.
• Provide the vulnerability information in the predefined report format after performing the App Pentest using manual methodology and App Pentest tools such as Burp Suite and Web Inspect
• Provide assistance to the developers in detailing the vulnerabilities reported along with the recommendations for remediation
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately
Leadership Competencies for this level include
• Accountability: Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals.
• Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.
• Communication: Articulates information clearly and presents information effectively and confidently when working with others.
• Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas.
• Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.
Qualifications
• Minimum of 5 years of experience in application penetration testing
• Bachelor's degree is desirable
• Minimum of 3 years of experience in App Pentest tools such as Burp Suite and WebInspect
• Certified in OSCP or GWAPT
Powered by JazzHR
WQd1UsNkpI
Address
ZAR IT Solutions
Tampa, FL
33647
USA
Industry
Technology
Posted date
23 days ago
How can the hiring manager reach you?
You Already Have an Account
We're sending an email you can use to verify and access your account.
If you know your password, you can go to the sign in page.
