Web Application Security Analyst
Location: Remote
We are looking for a security analyst that will operate our web applications canning program, tie web application targets and their identified vulnerabilities to owners, and coordinate remediation of high-risk findings. The candidate should be able to operate with minimal leadership direction and is expected to complete tasks and projects independently
Job Description
Responsibilities include:
- Manage web application scanning environment (cloud-based)
- Engineer and maintain web application scanning policies
- Maintain processes and IT/business relationships to identify and keep up to date an inventory of internal and external web application scanning targets
- Identify web application targets that require credentialed scans
- Conduct recurring scanning and ad-hoc scanning
- Evaluate scan findings
- Tie web applications and their vulnerabilities to owners
- Communicate with owners to drive remediation of findings
- Track findings through remediation
- Report weekly/monthly/quarterly metrics
Required skills and experience:
- Minimum of 12-month experience as a web application scanning SME
- Experience running credentialed web application scans
- Experience reporting metrics for a vulnerability or web application scanning program
Desired skills and experience:
- Enterprise vulnerability management experience
- Creating and updating scripts (Python, Powershell, REST API, C#, PERL)
- Experience with Tenable, Qualys, or Rapid7
- Familiarity with web application development
#DICE
tkettwick@c4techservices.com
Read Full Description