Jobs
>
Goodlettsville

    Information Security Senior Analyst, Application Security - Goodlettsville, United States - TEPHRA

    TEPHRA
    TEPHRA Goodlettsville, United States

    2 weeks ago

    Default job background
    Description
    :

    Job Description:


    GENERAL SUMMERY:

    Responsible for performing static and dynamic application security testing in order to identify vulnerabilities in applications that are storing, processing, or handling DG data.

    This includes applying an appropriate security risk rating based on compensating controls and other mitigating factors, and identifying and conveying vulnerabilities in a manner that clearly defines the security risk to a given application - while providing developers additional guidance as to how a vulnerability should be remediated and properly re-tested to validate the effectiveness of remediation efforts.


    DUTIES &


    RESPONSIBIILTIES:


    • Perform static and dynamic application security testing using a combination of commercial, open source, and manual testing methods.
    • Conduct application security risk and compliance reviews and analysis identify, recommend, and track progress of security risk mitigation plans while collaborating with IT and business units to drive risk mitigation plans to completion.
    • Represent the information security department through pragmatic consultation and participation in a defined SDLC, promoting application security best practices and standards.
    KNOWLEDGE, SKILLS, &


    ABILITIES:


    • Strong understanding of current and emerging application security and general information security best practices, technologies, techniques, trends, threats, and countermeasures, to include application security aspects related to cloud technologies.
    • Strong, effective written and oral communications skills and able to communicate to technical and non technical audiences across multiple levels.
    • Strong, hands on experience performing static and dynamic application security tests, assessments, etc.
    using commercial and other tool sets, manual testing methods, etc.

    • Strong negotiation skills (e.
    g., driving internal security recommendations, external vendor action, etc.).

    • Strong understanding of effective, pragmatic application security controls and related industry (e.
    g. OWASP) best practices risk management and compliance strategies and techniques and PCI, HIPAA, and SOX regulatory requirements.

    • Solid understanding of agile and waterfall development methodologies and the efficient and effective integration of application security design and testing processes.
    • Ability to learn and retain new skills to adapt to evolving business, technical, risk, and security needs.
    • Ability to work occasionally during non standard shifts, in an on call capacity, and able to travel as needed (up to 5%).
    WORK EXPERIENCE AND/OR EDUCATION:


    • College degree or equivalent experience in information security with a minimum 5 years current/recent application security experience.
    Active CISSP or CSSLP certification preferred.

    • Extensive hands on experience in static and dynamic application security testing using a variety of manual testing methods, commercial and non commercial tools, best practice security frameworks (e.
    g., OWASP ASVS), etc.

    • Foundational experience with host operating systems, networking principles, web application firewalls, and associated security controls network/system vulnerability scanning tools security information and event management (SIEM) privileged user management (PUM) and governance risk and compliance (GRC).
    Candidate Must Have:

    undefined
  • Veeva Systems

    Senior Application Security Engineer

    2 weeks ago

    Veeva Systems Nashville, United States

    Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $2B in revenue in our last fiscal year with extensive growth pot ...

  • Velocity Ventures

    Wage and Salary Accountant

    2 days ago

    Velocity Ventures Goodlettsville, TN, United States Freelance

    **We are looking for support for our client in the legal consulting industry in Goodlettsville, TN through direct placement** · **Your daily tasks:** · - Conducting payroll and salary calculations · - Processing of reporting, applications, and certifications · - Communication wit ...

  • Charlie Health

    Senior Software Engineer, Applications Security

    2 weeks ago

    Charlie Health Nashville, United States

    Why Charlie Health? · Young people across the nation are grappling with a mental health crisis characterized by escalating rates of depression, anxiety, trauma, substance use disorders, and suicide. Individuals who seek support are met by geographical and financial barriers, dri ...

  • Regions Bank

    Web and Cloud Application Security Engineer

    1 week ago

    Regions Bank Nashville, United States

    Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, ...

  • Vanderbilt University Medical Center

    Senior Workday Security Application Analyst

    3 days ago

    Vanderbilt University Medical Center Nashville, United States

    Discover Vanderbilt University Medical Center: Located in Nashville, Tennessee, and operating at a global crossroads of teaching, discovery, and patient care, VUMC is a community of diverse individuals who come to work each day with the simple aim of changing the world. It is a p ...

  • MRG Exams

    Clinical Psychologist-Lakewood WA

    1 week ago

    MRG Exams Sumner, United States

    MRG Exams · Providing Disability Assessments Nationwide To Serve Our Veterans · Help Military Families – Achieve Work-Life Balance – Make a Difference · Founded in 1998, MRG is a provider of Independent Medical Exams for Worker's Compensation, Disability, and the Veterans Adminis ...

  • Aspen Dental

    Dentist - DDS / DMD

    1 week ago

    Aspen Dental Hendersonville, United States Full time

    This opening is for an Associate Dentist. · At Aspen Dental, we put You 1st, offering the financial security and job stability that comes with working with a world-class Dental Service Organization (DSO). Our best-in-class learning and development training program, competitive c ...

  • Harris Teeter

    Starbucks Barista

    3 weeks ago

    Harris Teeter Hendersonville, United States

    SUMMARY. Primary responsibility is to Take Excellent Care Of Our Customers by satisfying each customer's needs and exceeding their expectations. This requires a defined level of product knowledge, beverage and food preparation skills, sales ability, customer relations skills, and ...

  • Aspen Dental

    Dentist - DDS / DMD

    2 weeks ago

    Aspen Dental Hendersonville, United States Full time

    This opening is for an Associate Dentist. · At Aspen Dental, we put You 1st, offering the financial security and job stability that comes with working with a world-class Dental Service Organization (DSO). Our best-in-class learning and development training program, competitive c ...

  • FusionTech

    An ERP consultant is a professional who provides advice and guidance on the implementation and use of Enterprise Resource Planning

    3 weeks ago

    FusionTech Sumner, United States

    What we need you for · We are a growing IT company with short decision-making processes, a hybrid work approach, and a corporate culture that prioritizes quality, performance, and mutual respect. · Join our team and shape the digital future of our clients with our worldwide team ...

  • Crimson Solutions

    Training to become a clerk for office management

    3 weeks ago

    Crimson Solutions Sumner, United States

    Steel and metal scrap are our world, recycling is our mission. For the challenges associated with this, we are looking for motivated individuals who want to work in a career environment characterized by future security and meaningfulness. · Location: Düsseldorf // Job ID: 128205 ...

  • Skyline Solutions

    Training as a Machinist

    1 day ago

    Skyline Solutions Sumner, United States

    Sumner Lödige - the right mix makes the difference · For over 80 years, Lödige's machines and subsystems have been used for the production of everyday products. For example, for cereal mixes, instant soups, pharmaceutical tablet masses, joint mortar mixes, brake pads, and much mo ...

  • Indian Lake Family Dental

    Dental Assistant

    4 days ago

    Indian Lake Family Dental Hendersonville, United States

    **Dental Assistant** · **Why Heartland Dental?** · Heartland Dental believes that to provide exceptional lifetime care for patients, we must hire and grow team members who will support the business and clinical needs of each supported dental office and foster a strong team buildi ...

  • Towne Park

    Observational Patient Rounder

    2 days ago

    Towne Park Hendersonville, United States

    **Job Details** · **Work Schedule**: The work schedule for this position can include AM/PM Shift times · **Paid Time Off**:Employees accrue hours of PTO per hour worked up to a maximum of 40 hours per calendar year. Employees accrue 0.02 hours of floating holiday per hour worked ...

  • SilverLinx

    Employee Security Service

    2 days ago

    SilverLinx Ridgetop, TN, United States Freelance

    **Job Title**: Security Officer (m/f/d 100%) · **Location**: Ridgetop, TN · **Employment Type**: Full-time · **Application Deadline**: January 1, 2023 · The Staatliche Kunstsammlungen Dresden (SKD) is currently seeking a full-time Security Officer (m/f/d) up to pay grade E3 TV-L. ...

  • Phoenix Industries

    An IT consultant is a professional who provides expert advice and guidance on information technology solutions and strategies to businesses and organizations. They help clients identify and implement the most effective and efficient technology solutions to meet their specific needs and goals

    1 day ago

    Phoenix Industries Shackle Island, United States

    About the Company · Since 2015, we have been ensuring more information security in companies through security audits, consulting, and incident response. We take a holistic approach to information security, which includes testing IT systems through commissioned hacking, conducting ...

  • XPO

    Supervisor, Freight Operations

    1 week ago

    XPO Whites Creek, United States Full time

    Solutions driven success. · XPO is a top ten global provider of transportation services, with a highly integrated network of people, technology and physical assets. At XPO, we look for employees who like a challenge and can communicate effectively in all situations. We want to le ...

  • SYSCO

    New Business Developer

    1 week ago

    SYSCO Nashville, United States Full time

    Company: · US0060 Sysco Nashville, LLCZip Code: · 37209Minimum Level of Education: · High School or EquivalentMinimum Years of Experience: · 2 YearsEmployment Type: · Full TimeTravel Percentage: · Up to 25%COMPENSATION INFORMATION: · The pay range provided is not indicative of ...

  • Dell

    Internal Audit SOX Senior Advisor

    4 days ago

    Dell Nashville, United States Full time

    Internal Audit SOX Senior Advisor · We're a global business – a multi-billion-dollar corporation. To stay strong and secure, it's vital to have a robust audit and risk assessment of our financial and operational practices. That's where our Internal Audit professionals come in. Pr ...

  • SYSCO

    Outbound Warehouse Manager

    1 week ago

    SYSCO Nashville, United States Full time

    Company: · US0060 Sysco Nashville, LLCZip Code: · 37209Minimum Years of Experience: · 3 YearsEmployment Type: · Full TimeTravel Percentage: · 0COMPENSATION INFORMATION: · The pay range provided is not indicative of Sysco's actual pay range but is merely algorithmic and provided ...