Application Security Analyst Category Information Technology Location Nyc, Ny

Ariel Partners

Nyc, Ny
On-site
Application security & industry standards (owasp, nist)
Secured software development life cycle (ssdlc)
Threat modelling & risk assessments
Ariel Partners is seeking an experienced Application Security Analyst to support a Data Center Colocation and Migration project in NYC. The ideal candidate should possess extensive knowledge and experience in application security, vulnerability management, and various security frameworks and tools

Job Summary

  • Audit and analyze HRA/DSS/DHS Applications being moved as part of the Data Center Migration Project.
  • Evaluate application vulnerability scan reports, document findings, and define mitigation SLAs.
  • Develop application vulnerability mitigation strategy and controls to ensure secure deployment.

Matching Summary

Match Score: 85

Ariel Partners is seeking an experienced Application Security Analyst to support a Data Center Colocation and Migration project in NYC. The ideal candidate should possess extensive knowledge and experience in application security, vulnerability management, and various security frameworks and tools.

Skills & Requirements

Must-have

  • Application Security & Industry Standards (OWASP, NIST)
  • Secured Software Development Life Cycle (SSDLC)
  • Threat Modelling & Risk Assessments
  • Application Scanning for Vulnerabilities (SAST, DAST)
  • Integration of Security in CI/CD Pipeline, DevOps, Dev SecOps
  • API Security & Access Controls (OAuth, SAML, SSO)
  • Cloud Security
  • Security Frameworks (NIST, ISO 27001, PCI-DSS, SOC 2, HIPAA, GDPR, FedRAMP, HITRUST)
  • Vulnerability Management & Penetration Testing
  • Incident Response & Security Operations
  • Security Tools: VERACODE, IBM Appscan, SD Elements, Burp Suite

Nice-to-have

  • Agile Environment Collaboration
  • Project Management
  • Cross-Functional Team Collaboration
  • Client Engagement & Communication
  • Security Tools: CHEKMARX, Fortify, Prowler, SonarQube, SNYK, Wireshark, OWASP ZAP, Rapid7, STRIDE

Key Requirements

  • 8+ years of experience in Application Security
  • 8+ years of experience in SSDLC
  • 8+ years of experience in Threat Modelling & Risk Assessments
  • 5+ years of experience in Application Scanning
  • 8+ years of experience in CI/CD Pipeline, DevOps, Dev SecOps
  • 8+ years of experience in API Security & Access Controls
  • 8+ years of experience in Cloud Security
  • 8+ years of experience in Security Frameworks
  • 8+ years of experience in Vulnerability Management & Penetration Testing
  • 8+ years of experience in Incident Response & Security Operations
  • 8+ years of experience in Security Training & Awareness
  • 8+ years of experience in Agile Environment Collaboration
  • 8+ years of experience in Project Management
  • 8+ years of experience in Cross-Functional Team Collaboration
  • 8+ years of experience in Client Engagement & Communication
  • 8+ years of experience with Operating Systems: Windows Server, Apache, Microsoft IIS, Windows, Linux, VMware, Citrix
  • 8+ years of experience with Technology Stack: ASP, .NET, Visual Basic.NET, Visual Basic, Cold Fusion, JavaScript, HTML, C++, C#, MS PowerApps, Python, Powershell, Shell Scripting, Selenium

Work Rights

Not specified

Tailored Resume

Cover Letter