Application Security Analyst (ASA) - Remote

The Application Security Analyst (ASA) plays a vital role in keeping our proprietary and sensitive information secure. The person will work with various departments to identify and fix flaws in the company's security systems, solutions, applications, and programs while recommending specific measures that can improve the company's overall security posture.

• The ASA is responsible for ensuring that the company's digital assets are protected from unauthorized access. This includes infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur.

• The ASA is responsible for generating reports for IT & Security to evaluate the efficacy of the security policies in place. They will then help make the necessary changes for a more secure network. They may also create training programs and modules to educate employees and users on proper security protocols.

• Furthermore, the ASA is responsible for keeping the company's security systems up to date and creating documentation and planning for all security-related information, including incident response and disaster recovery plans.

Other specific responsibilities include
• Monitoring security (access, alerts, logs, audit trails)
• Conducting security assessments through vulnerability testing and risk analysis
• Performing both internal and external security audits
• Continuously updating the company's incident response and disaster recovery plans
• Verifying the security of third-party vendors and subprocessors

Requirements

Skills: You'll need to have

• A passion for cybersecurity and a keen interest in IT
• Excellent IT skills, including knowledge of computer networks, operating systems, software, applications, hardware, and security
• An understanding of the cybersecurity risks associated with various technologies and ways to manage them
• Good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention, and anti-virus
• Proactive analytical and problem-solving skills to identify and assess risks, threats, patterns, and trends
• Team working skills to collaborate with team members and employees
• Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
• Written communication skills
• Time, Project Management, and organizational skills to manage a variety of tasks and meet deadlines
• The ability to multi-task and priorities your workload
• Excellent attention to detail
• An ability to work under pressure

Qualifications / Experience

• At least 4+ years of relevant experience
• Experience in Application / Mobile and Infrastructure Security Assessment, Secure Code Review Experience in Dynamic Application Security Testing, or Security Audits
• Good understanding of Vulnerability analysis (VA) tools
• Good understanding of Windows, Linux, Android and iOS
• Good understanding of OWASP Top 10 vulnerabilities, SANS, CIS Top 18, and NIST 800-53, SOC 2
• Any current security-related certifications such as CEH, SANS, OSCP, CISA, CISSP, AWS, AZURE, or Google Cloud
• Good understanding and experience in IT Audits will be an added advantage
• Help Desk or Customer Support experience would be good