The Application Security Analyst is responsible for system policies and architecture, application security, system implementation and security integration. The Application Security Analyst will respond to and document security incidents, maintain the highest level of competency in the security field through continued education.
Duties & Responsibilities: - Lead vulnerability assessments and provide recommendations for remediation
- Review security elements in the Software Development Lifecycle (and off shelf software)
- Routinely test applications for vulnerabilities
- Recommend and perform penetration tests
- Monitor the internet for NYCM's footprint and work to remove any data regarded as inappropriate
- Build security architecture under supervision, translate security and risk framework into guidance and monitor adherence to architecture
- Assist in the implementation of systems, ensuring that security best practices are applied to customer applications and IT operations management systems
- Perform static/dynamic code testing, and manual code inspection and implement application security best practices
- Responsible for incident management process, including preparedness, response, and investigation
- Research emerging threats and make determinations as to corporate risk level
- Participates in afterhours monitoring and make quick decisions regarding threats
- Work with software developers to maintain application security, including development and implementation of application security training program
- Monitor and update the Software Development Lifecycle documentation
- Create and update incident management process
- Contribute to the development of security policies and security standards
- Meet project schedules and communicate project status on a regular basis for supervisor
- Work with security product vendors and service providers to evaluate security offerings, including product evaluations, proof of concept, and pilot installations
- Attend meetings and seminars
- Be available to work additional hours, as the business need dictates
- Other duties as assigned
Requirements: - Associate degree in a technical field or certification program in cybersecurity
- Commensurate experience equivalent to a bachelor's degree in cybersecurity, computer science, engineering, information security, networking, or related technical field
Qualifications/Skills: - Excellent technical skills
- Excellent knowledge of application security
- Experience with various penetration testing tools
- Knowledge of Ethical Hacking processes
- Pro-active attitude towards learning and applying security best practices with industry standard security certifications to be obtained
- Problem solving and logical thinking skills
- General knowledge of programming languages
- Organizational and prioritization skills
- Work independently or as a team member on assigned projects
Payband: 6N / Hours: 37.5 per weekSalary Range: $62,625 - $104,438Accepting applications until: 5/23/2025 Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.