Posted 2 months ago by

Sr Info Security Analyst - Mobile

Phoenix, AZ, United States
Employment: Full Time Experience: Senior

This role is responsible for acting as a technical lead for the Mobile Application Security Review (MASR) team. The Application Security Management organization is responsible for several key information security functions including application security scanning in the SDLC, vulnerability management and governance. The MASR team is responsible for performing security testing on mobile applications and managing the remediation of the findings, on both iOS and Android platforms.

Responsibilities of this position will include but not be limited to the following:
  • Provide technical direction and strategy for team, including performing evaluations of new tools and services.
  • Act as technical liaison between Mobile Application Security and mobile application development teams, including guiding teams towards strong application security practices and remediating known risks.
  • Implement automation efforts to reduce manual workload and deliver results to customers effectively
  • Develop and implement continuous service improvements to Mobile Application Security Management program
  • Leads other technical resources on team, providing support and solutions to service application development partners
  • Delivers next generation application security controls, socializing with application teams to ensure strong adoption and solves technical barriers with tools and processes
  • Works individually and with teams on both structured and unstructured assignments
  • May participate as subject matter expert or lead multiple moderately complex initiatives
  • May be required to provide off hours support
Qualifications:

The successful candidate will be a results driven, flexible team member possessing the following required qualifications:

  • Typically holds a Bachelor's degree in Computer Science, Information Systems, or other related field (or equivalent work experience).
  • Professional Audit or Information Security certification strongly preferred (e.g. CISA, CISSP, CISM, etc.)
  • Prior experience with CI/CD, DevOps, and Application Development preferred
  • Requires expert level knowledge in tools and/or processes to reliably identify mobile application security issues and business logic flaws (SAST, DAST, RASP, etc)
  • Strong knowledge of open source and commercial security tools and frameworks for mobile application security, including but not limited to Kali Linux, Zed Attack Proxy (ZAP), BURP Suite, NowSecure, HP Fortify on Demand, Data Theorem, SonarQube, FindBugs, etc.
  • Knowledge of frameworks, standards, and best practices (i.e. OWASP, NIST, PCI, ISO, COBIT, COSO, CMMI) is a plus
  • Preferred knowledge of Java, Swift, Javascript, Python, or other OOP experience
  • Requires knowledge of business and technical functional capabilities in the following areas: security architecture; security engineering; threat management; vulnerability management; computer and data breach incident management; security policies and standards; data security; network security; system security, technology operations and compliance.
  • Typically possesses prior IT and business work experience with exposure to various technical environments and business segments, and some experience working with auditors and regulators.
  • Superior skill in organizing, managing and interpreting data
  • Proven communication skills, the ability present information clearly and concisely to all levels of management both formally and informally
  • Requires experience in analyzing large amounts of data, interpreting results, and making recommendations
  • Strong time management skills, and the ability to prioritize and multi-task.
  • In-depth experience with desktop software and office automation tools

Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions.

The PowerToFly Mission

We're passionate about connecting highly skilled women with leading companies committed to diversity and inclusion.

Are you looking for your dream job? In Office. Flexible. Remote.

Join our Movement

Are you hiring? Join our platform for diversifying your team

Post a job