Jacksonville, Florida, USA
63 days ago
Senior Application Security Analyst - Must have knowledge of API's

Position Type :

Full time

Type Of Hire :

Experienced (relevant combo of work and education)

Education Desired :

Bachelor of Computer Science

Travel Percentage :

0%

Job Description

We are FIS. Our technology powers the world’s economy and our teams bring innovation to life. We champion diversity to deliver the best products and solutions for our colleagues, clients and communities. If you’re ready to start learning, growing and making an impact with a career in fintech, we’d like to know: Are you FIS?

About the role:


As an IT Security Analyst Senior with FIS, your skills will be put to the test on the front lines of cyber-crime. Information security is at the heart of fintech and you’ll help protect and secure highly-sensitive financial data for customers around the world.

About the team:

Application Security Group focus heavily on supporting development teams to secure the applications. A key part of the role will be integrating with the development teams and ensuring they fully integrate the Secure Software Development Lifecycle into their development process, with a focus on secure design and coding, threat modelling, static and dynamic code analysis, API security and developer training. The role will involve working with developers located in multiple other countries. The ability to at times be flexible with working hours to accommodate the hours of the developers across different time zone will also be required.

What you will be doing: 

. Develop policy and standards for API security.
· Experience and knowledge in Application Programming Interface (API), static application security testing (SAST) and related tools like Veracode / Checkmarx / Fortiy.
· Experience and knowledge in Burp Suite tool for dynamic testing (DAST).
· Primarily responsible for API application security but with a good working knowledge of other security domains (Cryptography, Identity and Access Management, Threat and Vulnerability Management). 

What you bring: 


· At least 4+ years of working experience in application security that includes API, SAST and DAST along with development experience, ideally in Java or .NET or any other programing language.
· Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
· Proficiency in time management, communications, decision making, presentation and organizational skills
· Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
· Excellent decision-making, analytical and problem-solving skills
· Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization
· Experience establishing and maintaining effective working relationships with employees and/or clients
· Strong knowledge of development and application security
· Hands-on experience performing application API security assessment, static and dynamic security assessments with tools such as: Burpsuite, OWASP ZAP, AppScan, WebInspect, Fortify, Veracode, Checkmarx, etc.
· Knowledge of OWASP Top 10/ SANS Top 25, identify vulnerabilities via manual and automated testing methods and how to effectively remediate vulnerabilities associated with each
· Expert knowledge of information security principles, web applications, and intermediate familiarity with malicious code and common hacking techniques used by malicious actors
· Experience conducting risk assessments and performing threat modeling of applications
· Ability to collaborate with teams remotely

Added bonus if you have: ISC2 Certification

What we offer you:
At FIS, you can learn, grow and make an impact in your career. Our benefits include:
• Flexible and creative work environment
• Diverse and collaborative atmosphere
• Professional and personal development resources
• Opportunities to volunteer and support charities
• Competitive salary and benefits


FIS is committed to providing its employees with an exciting career opportunity and competitive compensation. The pay range for this full-time position is $84,720.00 - $142,320.00 and reflects the minimum and maximum target for new hire salaries for this position based on the posted role, level, and location. Within the range, actual individual starting pay is determined additional factors, including job-related skills, experience, and relevant education or training. Any changes in work location will also impact actual individual starting pay. Please consult with your recruiter about the specific salary range for your preferred location during the hiring process.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here


For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass

Confirm your E-mail: Send Email