Application Security Analyst

Posted Oct 2

Description

Position Summary:

The Application Security Analyst (ASA) is a virtual yet crucial role that provides technical expertise to the Security Operations Center (SOC) of the company. This position is responsible for monitoring the IT security environment to immediately detect, verify and respond swiftly to cyber threats, e.g. vulnerability exploitation, malware, cyber-attacks, etc. This role effectively enhances the incident response operations of the company by working closely with BERT, IT, and business stakeholders to respond in a non-disruptive manner. Working in conjunction with various IT, Operations, and Engineering personnel, this position will be a key contributor in executing the IT Security strategy, Security roadmap and formulation of the Security process relative to data security, API security, threat intelligence, security automation, and security awareness as it pertains to security monitoring, intrusion detection/prevention, purple teaming, endpoint security, Third Party Security Assessment (security questionnaires), SOC2, PCI DSS, and GDPR. This position is open to candidates who physically reside in an EU country: Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.

Duties and Responsibilities:

  • Implement, administer and support endpoint security software.
  • Conduct investigations of security events (e.g., unauthorized access, non-compliance with company policies, fraud, service exploitations, etc.) to determine malfunctions, breaches, and remediation steps.
  • Respond to daily service issues, problems and critical situations to support resolution and minimize downtime via our Help Desk system.
  • Leverage threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor's capabilities.
  • Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines).
  • Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates and maintains and documents security controls.
  • Prepare status reports on security matters to develop security risk analysis scenarios and response procedures.
  • Perform quarterly Internal Audits on critical applications.
  • Have an understanding of Data Privacy regulations like General Data Protection Regulation (GDPR).
  • Other duties as assigned.

Requirements

  • Passion for the role and for continuous learning.
  • Bachelor’s degree in Computer Science, Cybersecurity, or equivalent subject matter area.
  • 2 to 5 years of continuous experience working in an IT or Security environment. No gaps.
  • General knowledge of IaaS, PaaS, SaaS, software applications, and design tools.
  • Strong analytical and problem-solving skills, ability to organize and prioritize multiple assignments, use initiative and judgment to accomplish results, participate as a team member, and complete job assignments in an accurate, timely, and professional manner.
  • Excellent presentation, communication, interpersonal, and customer service skills are required, and the ability to interact effectively and professionally with all learning styles, personality types, and levels of management, staff, and a variety of external entities, including customers and prospective customers of the company.