Urgently Need AppSec Vulnerability Analyst (REMOTE) in Dallas, TX
Job title: AppSec Vulnerability Analyst (REMOTE)
Company: Foot Locker
Job description: Overview
Role is 100% REMOTE - Must be based in the U.S.
A Foot Locker AppSec Security Vulnerability Analyst is responsible for driving the corporate vulnerability management program and code review assessments. Analysts utilize corporate tools to monitor vulnerability scans, follow-up with system owners and developers, revisit process documentation and procedures, develop stronger reporting mechanisms and dashboards. Additionally, enable stronger overall governance to the program by properly documenting vulnerability identification and remediation. Define a reporting cadence and conduct periodic evaluations of risk decisions associated with prior documented risk exceptions. Additionally, track and report any vulnerabilities that exceed SLAs to drive the exception and risk escalation process.
Responsibilities
· Perform dynamic and static code reviews to identify critical flaws in applications and web applications.
· Identify the absence of functionality in code that may lead to security breaches.
· Utilize automated tools to identify critical flaws in corporate systems.
· Work with the business to determine high value assets.
· Determining priority and criticality of application vulnerabilities and remediation based on analysis.
· Work with business partners to make recommendations and provide guidance for remediation.
· Compile and track vulnerabilities over time for metrics purposes.
· Follow established process and procedure in use and support of operational software tools, hardware, and system software.
· Be willing and capable of learning new tools and processes.
· Monitor SIEM, conduct data analysis, and evaluate logs for security events related to vulnerabilities.
· Evaluate health and management of Anti-Virus, Anti-Malware, and other Advanced Threat agents in a global deployment.
· Create reports and enhance metrics based on data analysis.
· Participate in threat hunting, threat modeling, and threat intel activities.
· Adhere to all corporate security policies and standards as they relate to job duties.
· Write, maintain and publish secure code standards and procedures. Maintain working relationships with various teams with competing objectives, participate in and lead governance efforts in Foot Locker. Manage and run developer training program.
Qualifications
· Must have application development experience. (Java, JavaScript, NodeJS, SWIFT, C/.Net, etc.)
· Must have experience with automated vulnerability scanning tools. (Static/Dynamic code analysis.)
· Must understand the OWASP Top 10 and Proactive controls.
· Must demonstrate the ability to professionally communicate in verbal and writing skills.
· Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security.
· Must understand basic use of both Windows 7/10/Server 2008/2012 and Linux, including console level commands.
· Must have a realistic business focused mindset and be able to find the balance between security and risk.
· Must be comfortable working in a small team of dedicated professionals Must be able to remain calm in stressful situations.
MINIMUM QUALIFICATIONS:
· An associate degree or higher from an accredited university or college with course work in Information Security, Information Management Systems, or Networking.
OR
· Completion of non-accredited coursework through related on-the-job training, AND 2-5 years full-time experience in an IT role.
PREFERRED
· CVA, CASE, GSSP, GWEB, CSCSD, CSSLP or similar industry certification
· Project management skills are a plus
· Conflict resolution skills are a plus
#LI-REMOTE
#LI-RD1
Benefits
The annual base salary range is $90,000 - $125,000 / yr. This range represents the anticipated low and high end of the salary for this position. This role is also eligible to receive short term incentives that align with individual and company performance. Salary will be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data. Salary is one component of the Foot Locker, Inc. total compensation package, which includes the below.
Foot Locker Benefits:
Employee Discount
Paid Time Off
Medical | Dental | Vision Coverage
401(k) | Roth 401(k)
Stock Purchase Plan
Life Insurance
Flexible Spending Account
Opportunities for Advancement
Tuition Reimbursement for Qualified Courses
Strong Company Culture
Employee Resource Groups
Expected salary: $90000 - 125000 per year
Location: Dallas, TX
Apply Now
Company: Foot Locker
Job description: Overview
Role is 100% REMOTE - Must be based in the U.S.
A Foot Locker AppSec Security Vulnerability Analyst is responsible for driving the corporate vulnerability management program and code review assessments. Analysts utilize corporate tools to monitor vulnerability scans, follow-up with system owners and developers, revisit process documentation and procedures, develop stronger reporting mechanisms and dashboards. Additionally, enable stronger overall governance to the program by properly documenting vulnerability identification and remediation. Define a reporting cadence and conduct periodic evaluations of risk decisions associated with prior documented risk exceptions. Additionally, track and report any vulnerabilities that exceed SLAs to drive the exception and risk escalation process.
Responsibilities
· Perform dynamic and static code reviews to identify critical flaws in applications and web applications.
· Identify the absence of functionality in code that may lead to security breaches.
· Utilize automated tools to identify critical flaws in corporate systems.
· Work with the business to determine high value assets.
· Determining priority and criticality of application vulnerabilities and remediation based on analysis.
· Work with business partners to make recommendations and provide guidance for remediation.
· Compile and track vulnerabilities over time for metrics purposes.
· Follow established process and procedure in use and support of operational software tools, hardware, and system software.
· Be willing and capable of learning new tools and processes.
· Monitor SIEM, conduct data analysis, and evaluate logs for security events related to vulnerabilities.
· Evaluate health and management of Anti-Virus, Anti-Malware, and other Advanced Threat agents in a global deployment.
· Create reports and enhance metrics based on data analysis.
· Participate in threat hunting, threat modeling, and threat intel activities.
· Adhere to all corporate security policies and standards as they relate to job duties.
· Write, maintain and publish secure code standards and procedures. Maintain working relationships with various teams with competing objectives, participate in and lead governance efforts in Foot Locker. Manage and run developer training program.
Qualifications
· Must have application development experience. (Java, JavaScript, NodeJS, SWIFT, C/.Net, etc.)
· Must have experience with automated vulnerability scanning tools. (Static/Dynamic code analysis.)
· Must understand the OWASP Top 10 and Proactive controls.
· Must demonstrate the ability to professionally communicate in verbal and writing skills.
· Must understand basic security principles with an understanding of malware, cryptography, threats and vulnerabilities, access control, and application, data, and host security.
· Must understand basic use of both Windows 7/10/Server 2008/2012 and Linux, including console level commands.
· Must have a realistic business focused mindset and be able to find the balance between security and risk.
· Must be comfortable working in a small team of dedicated professionals Must be able to remain calm in stressful situations.
MINIMUM QUALIFICATIONS:
· An associate degree or higher from an accredited university or college with course work in Information Security, Information Management Systems, or Networking.
OR
· Completion of non-accredited coursework through related on-the-job training, AND 2-5 years full-time experience in an IT role.
PREFERRED
· CVA, CASE, GSSP, GWEB, CSCSD, CSSLP or similar industry certification
· Project management skills are a plus
· Conflict resolution skills are a plus
#LI-REMOTE
#LI-RD1
Benefits
The annual base salary range is $90,000 - $125,000 / yr. This range represents the anticipated low and high end of the salary for this position. This role is also eligible to receive short term incentives that align with individual and company performance. Salary will be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data. Salary is one component of the Foot Locker, Inc. total compensation package, which includes the below.
Foot Locker Benefits:
Employee Discount
Paid Time Off
Medical | Dental | Vision Coverage
401(k) | Roth 401(k)
Stock Purchase Plan
Life Insurance
Flexible Spending Account
Opportunities for Advancement
Tuition Reimbursement for Qualified Courses
Strong Company Culture
Employee Resource Groups
Expected salary: $90000 - 125000 per year
Location: Dallas, TX
Apply Now