COUNTRY Financial is seeking an Application Security Specialist to join the Cyber Security team. You’ll play a key role in partnering with Application Development teams to drive secure coding practices, requirements, and remediation for new and existing development efforts. This role will focus on ensuring that Applications and Websites developed at COUNTRY Financial are deployed and maintained in a secure manner and expanding the Application Security program. This includes but is not limited to the use of Static and Dynamic code analysis solutions, integration into development lifecycle management, and secure code education and training.
The person in this role researches general and industry specific security trends. Analyzes and defines application security policies and secure development standards. Provides Application Security expertise and information to project and development teams. Creates and presents application security reports, policies, results and deliverables. Coordinates and conducts secure code scanning and analysis, including the delivery and explanation of results. Evaluates, documents and communicates ratings and mitigation guidelines.
- Participates in projects and assessments on risk.
- Analyzes and defines security policies and standards.
- Monitors, alerts and responds to security events.
- Performs computer forensic and investigative activities; and penetration and vulnerability testing.
- Defines and administers identity and access roles and workflows.
- Develop and communicate secure application development standards.
- Build relationships with Application Developers and other Stakeholders.
- Drive expansion of secure code scanning and analysis solutions.
- Aid Development personnel in understanding and mitigation of secure code deficiencies.
- Create and deliver reports and metrics for identified security deficiencies.
- Bachelor's Degree in Computer Science or related field and 5 years professional experience working in an Information Security Program.
- Experience identifying, rating, and mitigating secure code deficiencies for applications and websites.
- In-depth Understanding of Application Security Vulnerabilities and Standards (OWASP).
- Experience with Secure Code Analysis and Scanning solutions, Automation, and Integration into development processes.
- Excellent communication skills both written and verbal across all organizational levels.
- Experience in software development of applications and websites.
- Understanding of Application Security Vulnerabilities and Standards (OWASP).
- Understanding of Secure Code Analysis and Scanning solutions.
- Critical thinking and troubleshooting skills.
- Typically requires:
- Bachelor's degree and at least 12 years of experience in information technology OR,
- Master's degree and at least 8 years of experience in information technology OR,
- At least 14 years of experience in information technology.
- And 2 years lead experience.
- Normal office environment.
- Work may extend beyond normal business hours as business needs dictate.