Application Security Analyst - 6 month contract - London
An Application Security Analyst is required to join the GM IT Application Security Team. The role will focus on integrating security practices within IT development teams, and supporting applications comply with the Application Security Baseline. This is an exciting opportunity to work with interesting security challenges in an environment with many different development platforms, communications technologies, and advanced trading systems.
The successful candidate will have:-
- Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process
- Familiarity with common security vulnerabilities (e.g. OWASP Top 10)
- Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them.
- Excellent knowledge of programming best practices, design patterns, etc.
- Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues.
- Well-developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors.
- Development experience, preferably in Microsoft Visual Studio, .NET and Java
- Experience of specific security products and technologies: CA Siteminder, 2 factor authentication, Kerberos / SAML authentication solutions
- Experience of the development lifecycle within .NET, C# and/or Java projects
- Hands-on penetration testing experience
- Experience with source code analysis products (HP/Fortify)
- Knowledge of Web Application Firewalls: how to apply them and to define effective custom rule
- Please contact Jason Horwood 01908 886030 for more.