|Job Title||Information Security Application Analyst|
|Job Published||over 6 years ago|
|Contact Name||Max Horey|
We are looking for strong Analysis and Application skills to support the current Information Security programme of activities. As an Information Security Application Analyst, you will be responsible for identifying application and programming vulnerabilities, working with business teams to analyse security events, determine threats and evaluate risks. You will help across the business to ensure security risks are understood, and then work with security colleagues and development teams to avoid or mitigate these. You will be reviewing access levels and building systems that contribute to complying with regulatory requirements. We are going through a massive expansion and this role is key to supporting that growth in a controlled and managed way. This is a great opportunity to forge your career and work in an exciting company that not just talks about Information Security, but lives and breathes it too.
You will be someone who has contributed to the design and build of Information Security programmes and participated in efforts to identify code and application vulnerabilities. You will be passionate about Information and Application Security and have an ability to relate OWASP Foundation principles to multiple levels throughout a professional development organisation. You will be capable of analysing code samples and making enhancement recommendations to fix or mitigate potential weaknesses. You’re self-motivated and a self-starter who likes to collaborate in a supportive team structure to solve unique and challenging problems. You are capable of spotting new trends and anticipating changes needed to support the business. Your current or previous role will be based in a PCI compliant environment with emphasis on cloud-based technology, and you may have even worked or be working in an organisation utilising OWASP and other vulnerability models to guide secure coding practices. You will have previously worked within in an Application Security team or as part of a security function.