Analyst, Application SecurityBookmark This
Polaris Industries Inc.
The Application Security Analyst will be a critical member of the IS Security team focused on application level security. Working with our internal development teams to ensure custom code creation is secure and follows corporate standards. Working with our database administration and network communication teams to ensure our data access methods are secure and the data is secure at rest and during transmission.
It is expected to have an understanding of current and emerging threats, be able to identify them in applications, and to help developers understand how to avoid them. The ability to communicate effectively with developers is essential.
ESSENTIAL DUTIES RESPONSIBILITIES
* Perform web application vulnerability assessments and reporting using web application assessment software. Also using centralized vulnerability scan engines to assess operating systems, network devices, databases and applications.
* Perform real-time web application protection against SQL injection attacks, malicious bots, zero-day attacks, data loss and defacement protection and any other Web Application attacks that exist.
* Knowledge of common vulnerabilities found in application code, such as SQL Injection vulnerabilities.
* Design reviews, sometimes spanning the detailed application level, the database level, and the network level
* Work with developers and systems analysts to improve the security of new product offerings
* Design and implement security analysis tools
* Excellent communication skills and ability to interact professionally with a diverse group of clients and staff in difficult or conflictive situations.
* Ability to quickly learn new technologies and keep abreast of the latest technological advances.
* Strong project management skills including coordination, organization, documentation and communication abilities.
* Strong organizational skills with ability to prioritize effectively.
* Provide technical assistance and direction to other team members.
* Bachelor’s degree in Business or Information Management or equivalent experience required.
* At least 5 years professional experience and at least 3 years focused on security and vulnerability analysis.
* GIAC GSEC/GSSP certification preferred
* Excellent problem solving and analytical skills.
* Excellent communication skills
* Ability to work under pressure and time constraints.
* Be able to work in a global organization supporting multi-language and multi-cultural environments.