G-TECH Jobs

Outcomes & Activities:

· Perform application security assessments for new and existing applications

· Document and report application vulnerabilities and suggest mitigations

· Develop and manage a repeatable secure development process

· Analyze industry security threats and develop strategies to detect and mitigate

· Possess the ability to discuss and present technical solutions to all levels of the business

Competencies:

· Continuous Improvement/Innovation: Identifies, recommends and advocates for improvement opportunities for existing standards, policies and processes.

· Value Assessment: Prioritizes and identifies more critical and less critical activities and tasks; adjusts priorities as appropriate.

· Active Listening: Understands what is being said and the context in which it is being said.

· Collaboration/Customer Focus: Treats everyone like a customer and collaborates with them to clarify and achieve objectives.

· Verbal Communication: Speaks in a clear, concise, organized, and effective manner for the intended audience.

· Written Communication: Writes in a clear, concise, organized, and effective manner for the intended audience.

· Accountability/Ownership: Takes responsibility for delivering the work product.

· Escalation: Recognizes areas of risk and escalates through the correct channels in a timely manner.

· Time Management: Effectively manages time and resources to ensure that work is completed efficiently.

· Critical Thinking: Understands complex information coming from different sources to evaluate, reconcile conflicts and determine the best possible outcomes.

· Impact Analysis: Understands the rationale behind changes and how they impact the enterprise and/or applications and across the technical ecosystem.

· Solution Design: Ability to translate high-level requirements to create and implement designs that are technically sound, maintainable, cost-effective and meet the needs of the customer.

· Technical Domain: Has an understanding of the technical domain including application architecture, design and data.

Requirements:

· Bachelor’s degree or equivalent in Computer Science, Information Technology or closely related field of study

· Minimum of 5 years in a position in Information Technology

· Minimum 3 years in Information Security

· Strong knowledge of application security testing (SAST and DAST) and DevOps tools

· Excellent knowledge in application development and security analysis

· Hands-on experience with OWASP Top 10 standards, including mitigation of common threats like SQL Injection and Cross-Site Scripting

· Familiarity with Sarbanes-Oxley, GLBA, ISO 27001, HIPAA

· Experience with project management, and enterprise-level deployments & upgrades

· Ability to lead development group discussions on vulnerability mitigation, good coding practices, and security risks

Participate in an on-call (24x7) rotation

Category Security

Function Information Technology

Req ID JN -082020-114543