Looking candidates for-IT Security Analyst

Job Description

Position Type : Full time Type Of Hire : Experienced (relevant combo of work and education) Education Desired : Bachelor of Engineering Travel Percentage : 0%Are you curious, motivated, and forward-thinking At FIS, you ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun. About the team It s an amazing opportunity to join a Talented team of innovative and committed folks doing interesting work at the world s largest global provider dedicated to financial technology solutions! What you will be doing
• Analyze business requirements and security solutions to deliver business appropriate levels of protection.
• Experience and knowledge in Burp Suite tool for dynamic testing.
• Primarily responsible for application security but with a good working knowledge of other security domains (Cryptography, Identity and Access Management, Threat and Vulnerability Management, Infrastructure and Networks and Auditing, Logging and Compliance).
• Lead security engagement with development teams and embed security into the SDLC
• Proactively monitor emerging threats and security technologies and contribute to FIS security technology roadmap accordingly
• Working with Waterfall, Agile, and DevOps teams to ensure security requirements and secure development are incorporated into the processes
• Support the development and delivery of software security standards, with related documentation processes and procedures.
• Engage with software architects to ensure the security architecture is aligned with the business and security strategy.
• Experience in identifying, assessing and providing remediation options for Application and Technology related security risks
• Ensure that any strategy set within this Security function, adheres to the Corporate Security Policy as well as Compliance standards such as PCI DSS, P- DSS, DPA, FSA, SAS70, ISO/IEC 27001 and SOX where relevant
• Familiarity with risk management programs, ensuring that emerging weaknesses and risks are analyzed and mitigated in a timely manner
• Cryptography knowledge including understanding of PKI, Certificate and Key Management Processes.
• Effective reporting with metrics demonstrating an increase in maturity and reduction in risk.
• Other related duties assigned as needed.
What you bring:
• At least 2 years of development experience, ideally in Java or .NET or any other programing language.
• Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)
• Proficiency in time management, communications, decision making, presentation and organizational skills
• Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
• Excellent decision-making, analytical and problem solving skills
• Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization
• Experience establishing and maintaining effective working relationships with employees and/or clients
• Strong knowledge of development and application security
• Knowledge of penetrating testing methodologies and security functional testing
• Hands-on experience performing application penetration and static and dynamic security assessments with tools such as: Burpsuite, OWASP ZAP, AppScan, WebInspect, Fortify, Veracode, Checkmarx, Black Duck, etc.
• Knowledge of OWASP Top 10/ SANS Top 25, identify vulnerabilities via manual and automated testing methods and how to effectively remediate vulnerabilities associated with each
• Expert knowledge of information security principles, web applications, and intermediate familiarity with malicious code and common hacking techniques used by malicious actors
• Experience conducting risk assessments and performing threat modeling of applications
• Ability to collaborate with teams remotely
What we offer you:
• A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities
• A broad range of professional education and personal development possibilities FIS is your final career step!
• A competitive salary and benefits
• A variety of career development tools, resources and opportunities
Privacy StatementFIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice .Sourcing ModelRecruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.,

Keyskills :
networkingkey managementrisk managementproblem solvingtime managementweb applicationsaccess managementdevelopment tools