🌎
This job posting isn't available in all website languages

Application Security Analyst

📁
Security
📅
2000970 Requisition #
TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance.

TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR.

JOB SUMMARY/OVERVIEW

The Application Security Analyst will support Enterprise initiatives helping to provide expertise on Application Security, including helping to review of current state applications to identify defects. In addition, they will help to establish the required application layer security controls, analyze frameworks for improvements and develop implementation plans. They will work with the Sr Application Engineers on the team to set policies and rules for application security, review and analyze Statistic Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tooling rules and optimize needs.

ESSENTIAL DUTIES/RESPONSIBILITIES

  • Supports Enterprise Lead Security Architect direction and execution with goal of improving overall application security.
  • Provides training and expertise to various teams on specific relevant topics (example OWASP Top 10 2017).
  • Understands and assists in Layer 7 Firewall Rules.
  • Assists in design and security of the Continuous Integration and Deployment (CICD) pipeline, automation and risk tolerance.
  • Assists in providing consultation for the design, delivery and quality of secure data application and infrastructure solutions through risk management, guidance, education, and information security expertise for business areas
  • Supports the enterprise by enabling secure solutions spanning applications, services, and vendor capabilities, platforms, offerings, and technical architectures
  • Documents and escalates policy exceptions or compliance deviations for review and risk assessment
  • Supports the information system owner in selecting security controls and provides control validation
  • Assists in validating vulnerabilities identified from the Vulnerability program manager.
  • Other projects and responsibilities may be added at the manager’s discretion

JOB REQUIREMENTS AND QUALIFICATIONS

Education:

  • Bachelor’s degree required/preferred; or equivalent education and/or related work experience.
  • Training Requirements (licenses, programs, or certificates):
  • The following certifications are preferred: CCSK, Security+, CEH, CRISC, or OSCP
  • OWASP Membership and demonstrated usage

Experience:

  • Minimum 3 Years in application security
  • Experience and familiarity with Burp Suite is required
  • Experience and familiarity with the following:
  • Burp Suite is required
  • Understanding of OWASP
  • OO Languages (Java Preferred)
  • Automation tooling (ansible, puppet, Jenkins etc.)
  • Patch management
  • Scripting (Bash/Perl/Python/PHP/JS)
  • Usage and understanding of App Layer Frameworks (e.g. ESAPI, Spring Security)
  • API Security
  • Cloud Security
  • Other Knowledge, Skills and Abilities:
  • Knowledge and understanding of the following concepts: SDLC, CI/CD, and OWASP topics.
  • Excellent verbal and written communication skills
  • Ability to communicate with employees at all levels of the organization
  • Strong knowledge and understanding of both state and federal employment laws
  • Excellent interpersonal skills
  • Excellent presentation and facilitation skills
  • A demonstrated commitment to high professional ethical standards and a diverse workplace
  • Ability to adapt to a fast paced continually changing business and work environment while managing multiple priorities
  • Proficient in Microsoft Office Suite
  • Ability to show understanding of UTM/NGFW Rules
  • Knowledge of the overall information security policies, program, and risk posture as well as capabilities including but not limited to access management and encryption
  • Possess ability to articulate security requirements and tasks that need to take place throughout the Solution Development Lifecycle
  • Possess ability to identify deficiencies in security, risk, or compliance and articulate options for compensating controls to both technical and non-technical audience
  • Ability to research and perform Risk Assessments
  • Ability to document application architecture artifacts.

WORK ENVIRONMENT/OTHER INFORMATION (Travel required, physical requirements, on-call schedules, etc.)

  • Minimal travel required
  • Work in clean, pleasant, and comfortable office setting
  • The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity.

TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact recruiting@trinet.com to request such an accommodation.
 
#LI-VB1

Previous Job Searches

Activity Feed

9047
Job shares through TriNet
Someone referred the Representative, Field Operations position. About an hour ago
Someone referred the Representative, Solution Center position. About an hour ago
Someone referred the Process Optimization and Automation Manager position. 7 hours ago
Someone applied to the Specialist, Assigned Support position. 18 hours ago
Someone applied to the Specialist, Platform/Payroll position. 21 hours ago

Similar Listings

United States

📁 Security

Requisition #: 2100147

United States

📁 Security

Requisition #: 2000954

United States

📁 Security

Requisition #: 2100050