Application Security Analyst or Analyst Senior
Cleveland, OH
Applications have closed
Company
Federal Reserve Bank of ClevelandThe Federal Reserve Bank of Cleveland is part of the nation’s central bank and we’ve provided many opportunities for professional growth during our history.For twenty-four years in a row, we’ve been named “One of Northeast Ohio’s Best Places to Work” by North Coast 99. This prestigious award honors organizations with outstanding employment practices, including compensation, benefits, training, recruitment, retention, community services, and employee communications.
Our People Make the Difference! The Federal Reserve Bank of Cleveland is seeking innovative thinkers with vision to build the framework that will carry the Bank into the future.
Follow us on LinkedIn, Twitter, Instagram, and our YouTube channel – Cleveland Fed
To be considered for this role, candidates must be a U.S. citizen.
This role is based in Cleveland, Ohio, and is a hybrid work arrangement - individuals may be required to work some days in the Federal Reserve Bank of Cleveland while working the other days from home.
Organizational Expectations:
In this role you will provide leadership in protecting the confidentiality, integrity, and availability of web and/or mobile applications by establishing and enforcing system access controls. You will define system security requirements, recommend improvements to system security frameworks, ensure authorized access to systems through monitoring, performing testing, or scanning for security vulnerabilities, and raising security awareness.
General Responsibilities:
As needed, lead the Identification of security related issues and definition of security requirements during all phases of the application development lifecycle.
Review program/development documents to ensure adherence to secure coding standards, guidelines, and security requirements.
Draft, review, and approve security related test cases.
Coordinate or lead application security software testing efforts with other testing stakeholders.
Guide monitoring for atypical usage of information system accounts and other abnormalities to identify possible breaches.
Assist with FISMA initiatives, e.g., updating security plans, to support ISSO responsibilities.
Perform Penetration Testing activities to ensure web vulnerabilities are not present within Treasury Services applications.
Deliver conclusions and security recommendations to Treasury Services management, Fiscal Service, and other stakeholders. Performs other duties as assigned or requested.
Adheres to the Banks attendance policies through regular and prompt attendance.
Education and Experience:
Application Security Analyst: Bachelor’s degree with 3+ years of related work experience or Associate's degree with 5+ years of related work experience - Strong preference of at least one security certification (CISSP, CSSLP, CCSP, CEH, AWS Security, etc.)
Application Security Analyst Senior: Bachelor’s degree with 5+ years of related work experience or Associate's degree with 7+ years of related work experience - Strong preference of at least one security certification (CISSP, CSSLP, CCSP, CEH, AWS Security, etc.)
Knowledge and Skills:
Ability to analyze highly complex business requirements.
Thorough understanding of industry based security controls relating to applications, services, and systems.
Knowledge of cloud-based platforms and technologies.
Thorough understanding of security controls relating to access control, authentication, and auditing.
Demonstrated knowledge and understanding of information security industry trends and emerging technologies, especially relating to application security vulnerabilities.
Proficient at testing web application for security vulnerabilities, such as those listed in the OWASP Top 10 and familiar with the tools used for testing.
Demonstrated ability to learn new systems and technologies
Demonstrated ability to train others in the use of new systems and technologies
Excellent time management skills, and the ability to prioritize and multi-task.
Physical Demands and General Working Conditions
Employees typically sit most of the day, work with a computer and may answer/respond to phone calls. Physical movement consists of walking for meetings, breaks, etc. Ability to lift items weighing approximately 20 pounds on a limited basis is required. Employees may be required to travel by car/air.
Full Time / Part Time
Full timeRegular / Temporary
RegularJob Exempt (Yes / No)
YesJob Category
Information TechnologyWork Shift
First (United States of America)The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Audits AWS CCSP CEH CISSP Cloud Compliance FISMA Monitoring OWASP Pentesting Privacy Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs