TITLE:  Application Security Analyst

Our Alpharetta, GA based client is seeking a motivated, driven, energetic Application Security Analyst to join their growing team!!!  Known for it's culture, fun atmosphere, opportunity for growth, and the amazing people who contribute daily; our client is the only financial services technology of it's kind who offers a convenient source of recurring funds for any payment platform to encourage consumer adoption of new and existing digital payments.

Our History:
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies, to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record
 

Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project based work.

DESCRIPTION

Looking for an Application Security Analyst to manage the Vulnerability Management Program and Application Penetration testing, within the Information Security Department. This role is an integral part of a rapidly growing technology firm. The primary function of this role is to manage the application vulnerability management program. This role will also contribute to our Secure Software Development Program. As a member of Information Security, this individual will also contribute to the Governance Risk Compliance Program as part of the organization’s overarching security and regulatory requirements (i.e. HIPAA, SOC1, SOC2, ISO27001, SOX, GLBA, GDPR, PIPEDA, NY Cybersecurity Law, etc.) and industry accepted practices in the security space.

The candidate will perform security assessments over a variety of areas, work with product delivery to validate vulnerabilities, define recommendations, prepare and present reports of assessment findings, and follow up on remediation of ongoing vulnerabilities with Product Delivery and relevant stakeholders. This role will develop, define, maintain, and communicate application security standards, and conduct application security audits. Furthermore, this candidate will be responsible for supervising and developing staff.

In addition to the compliance and assessment requirements of the Application Security Analyst’s role, the candidate will have the opportunity to contribute and lead other areas within the Information Security arena. This includes projects related to such topics as: Security Governance, IT Security Risk Assessment, Compliance Audits, as well as various security initiatives.

Job requirements:

The successful candidate should have:

• 5+ years of experience managing a production Windows and Linux environment
• This role will schedule, monitor, and maintain application vulnerability security tools
• Provide support and resolution for scanning and vulnerability remediation matters
• Advise and coordinate across multiple groups, providing reasonable approaches to mitigate risks
• Develop, define, maintain, and communicate secure software development policies, procedures, standards, and guidelines
• Actively contribute and manage a wide array of security projects. It will require out-of-the-box thinking, as the Information Security & Risk Management office is heavily consulted on a wide range of items
• Monitors and reports on compliance with security policies, as well as the enforcement of policies within the IT department and throughout the organization, as well as with industry regulations, including HIPAA, GLBA, GDPR, ISO27001, and PIPEDA, and NY Cybersecurity Law
• Proposes changes to existing policies and procedures to ensure operating efficiency and regulatory compliance

Provide security communication, awareness and training for audiences, which may range from front line staff to senior management.

Qualifications
 

• B.S. in Computer Science, Engineering, Business or related discipline (or equivalent experience)

• CISSP Certification will be required through self-study within six (6) months of employment