Overview Job Purpose The Junior Analyst, Information Security Application Security is part of a team responsible for ensuring that ICE produces and maintains secure applications. The team member influences secure design, performs code analysis, identifies vulnerabilities through hands-on penetration testing, assists developers in remediation efforts, and communicates findings to developers, QA teams and management. Responsibilities Application Identification and Review - Operates the Application Development Security Lifecycle from design review through automated and hands-on testing. Standards and Policies - Maintains and contributes to Application Development Security Policies and standards by keeping up with industry trends and publications from organizations such as NIST, OWASP, and SANS. Secure Design – Works with development teams to establish security requirements early in the SDLC and contributes security subject matter expertise during the development of new projects and releases. Tool Management – Focuses on automation while implementing, maintaining and integrating cutting-edge technologies to assess an application’s security with static code analyzers (SAST), dynamic testing (DAST) tools, software composition scanners, Web Application Firewall (WAF) and bug bounty programs. Developer Education – Keeps software engineers apprised of secure coding practices and builds strong rapport and respect with the ICE application development community via training sessions, one-on-one education, Intranet blogs and other opportunities. Knowledge and Experience Minimum knowledge, experience and qualifications required - only candidates that meet these minimum qualifications may be considered, so allow sufficient flexibility to fill the role This may include: Training or Bachelor’s degree in Engineering, MIS, CIS, or related discipline Hands-on experience with Software engineering in Java, C++, .NET and/or related languages is a plus No minimum of experience within the field for Junior role Other work/general skills: Excel, Workflow automation tools, NIST Cyber Security Framework, CIS, RBAC Schedule This role offers work from home flexibility of one day per week. Intercontinental Exchange, Inc. is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.