Application Security Analyst Sr

Description

Execute and support the domain operational procedures (communication, coordination and tracking) for Application Security Vulnerabilities. This includes, but is not limited to, running Application Security Scans (SAST, DAST, etc.).

  • Support Application Development teams with scan results by reviewing findings with Application Teams and documenting and tracking security findings through remediation.
  • Drive security efficiencies through automation, enabling security team members to work on more advanced tasks.
  • Train developers and junior application security engineers on weaknesses to avoid.
  • Regularly monitor the security community for public-facing security issues, as well as to learn new tactics that can be used in testing. Use security standards and implementation configurations, as well as common security frameworks to improve the program.
  • Focus on application security that observes compliance (Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc.) and privacy laws.

Required Qualifications:

  • Application development experience in designing and implementing software systems, building mission-critical and highly reliable software (3+ years experience)
  • Application development background in Java/.Net or similar with excellent understanding in mitigating OWASP Top 10 attacks on web applications/services, cryptography, key management, PKI, TLS/SSL, DDoS mitigation, authentication, authorization, and/or general web application security (3+ years experience)
  • Firm understanding of secure/rugged engineering concepts such as secure coding practices and secure code reviews used to identify, mitigate, and prevent threat vectors (1-3 years experience)
  • Firm understanding of vulnerability management lifecycle and process (1-3 years experience)
  • Firm understanding of security architecture and tools which can be leveraged for Application Security mitigation (1-3 years)
  • Firm experience with Security Assessment Toolsets (1-3 years)
  • Firm experience in automation and scripting of applications and systems (1-3 years)
  • Firm knowledge of relational databases and structured query language (1-3 years)
  • Firm knowledge of client/server relationships and multi-tier environments (1-3 years)
  • Ability to communicate effectively, clearly and concisely to drive change
  • Ability to communicate effectively, clearly and concisely, both verbally and through technical writing

EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity

Tobacco-Free Hiring Practice: Visit Huntington’s Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position

Reference Number: R0029153
