Our client is seeking an Intermediate Security Analyst (5+years) specializing in application security within the utilities industry.
Responsibilities:
Recommend and test security controls within applications using both automated and manual techniques Perform web application vulnerability assessments and penetration testing Perform Cloud security testing and configuration validation across major cloud platforms including Azure, Oracle Cloud Infrastructure and AWS Conduct security testing for mobile operating systems and applications Perform security testing on web services and Application Programming Interface (APIs) Conduct code reviews and support secure code repositories Test and valid configurations of web applications behind Web Application Firewalls (WAF) Promote visibility into applications with security tools such as SIEM Perform Cyber Incident monitoring and security incident response Perform Threat Risk Assessments Must Have:
5+ years as a Security Analyst Application Development and/or Web Application Security experience testing and mitigating risks related to web applications and websites development Experience in static and dynamic application security testing using SAST/DAST tools and manual techniques Experience with Authentication Protocols such as SAML, OAuth2, LDAP, and TLS/SSL Standards Nice to Have:
Programming technologies such as Python, .Net, JavaScript, AJAX, JSON, and REST Cybersecurity standards such as CIS Open Web Application Security Project (OWASP) Application Security Testing and NIST -95 Standards Evaluating security controls in SDLC and DevSecOps programs Cloud security and cloud- deployment models Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), CEH, GIAC GWEB Cloud certifications such as Azure Microsoft Certified Azure Developer Associate Public sector Regina local
