Jobs
>
Cleveland

    Lead Application Security Analyst - Cleveland, United States - Sherwin-Williams

    Sherwin-Williams
    Sherwin-Williams Cleveland, United States

    1 week ago

    Default job background
    Description

    Strategy & Planning

    • Acquire and interpret business requirements and functional specifications to create security non-functional requirements.
    • Work with the security architects to validate potential architectures through techniques like threat modeling.
    • Maintain knowledge of best security practices through training, research, involvement with local IT security groups, and collaboration with internal cybersecurity teams.
    • Identify areas for improvement by recommending the use of reusable code libraries introduced in standard build/deploy pipelines.
    • Assist development teams in updating the CMDB records to reflect current state.
    • Validate that OS, middleware, and images are being scanned for vulnerabilities at regular intervals and any reported vulnerabilities are tied back to the appropriate application(s).
    • Work with development and QA teams to ensure the use of secure coding practices and verification methods.
    • Work with dev-ops teams and engineers to integrate security solutions into continuous delivery frameworks.
    • Mitigate security risks associated with projects, which have a high technical complexity and/or involve significant challenges to the business.
    • Work with delivery teams and product owners to reduce application security risks by assisting with code remediation before production delivery.
    Acquisition & Deployment
    • Work with architects and developers to design optimal security practices when developing new application functionality.
    Operational Management
    • Support and maintain automated application security testing within the devops pipelines.
    • Provide input in updating security standards on an annual basis.

    Ensure that all applications are using effective security monitoring, and work with the endpoint security team to test configurations.

    Here, we believe there's not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there's a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We'll give you the space to share your strengths and we want you show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show
    At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute-it matters to us. A general description of benefits offered can be found at . Click on Candidates to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.
    Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.
    The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
    Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.
    As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans. Incidental Functions
    • Deciding new technologies including tools, components, and frameworks.
    • Project and task management and reporting as necessary.
    • Make presentations to management, clients, and peer groups as requested.
    • Participate in hiring activities and fulfilling affirmative action obligations and ensuring compliance with the equal employment opportunity policy.

    This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.

    This position has a hybrid work schedule with three days in the office and the option for working remotely two days.

    Formal Education & Certification
    • Bachelor's degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
    • GIAC GWAPT, or CISSP certifications are a plus.
    Knowledge & Experience
    • 8+ years of total IT and/or cybersecurity experience
    • Experience working on all phases of the Software Development Lifecycle.
    Preferred Experience
    • 3+ year(s) of experience in securing web services
    • 3+ years of coding experience, preferably Java
    • Detailed understanding of authentication/authorization best practices
    • Working knowledge of oAuth 2.0 flows
    • Understanding of integrating security practices with container-based deployments
    • Understanding of web application firewall technology
    • Mentoring software engineers in writing secure code.
    Personal Attributes
    • Strong analytical, conceptual, and problem-solving abilities.
    • Good written and oral communication skills.
    • Good presentation and interpersonal skills.
    • Ability to present ideas in user-friendly language.
    • Able to prioritize and execute tasks in a high-pressure environment.
    • Ability to work in a team-oriented, collaborative environment.
    • Strong commitment to inclusion and diversity
    • Minimal travel is required.
    • Work outside the standard office 7.5-hour workday may be required.
  • Cleveland-Cliffs Inc

    Security Analyst

    5 days ago

    Cleveland-Cliffs Inc Cleveland, United States

    Cleveland-Cliffs Steel has an immediate opening for a dedicated and detail-oriented Program Analyst in our Security Department in Cleveland-Cliffs HQ, based in Cleveland, Ohio. The ideal candidate will have a passion for leveraging data analytics to improve security protocols, id ...

  • Cleveland-Cliffs Inc

    Security Analyst

    2 weeks ago

    Cleveland-Cliffs Inc Cleveland, United States

    Cleveland-Cliffs Steel has an immediate opening for a dedicated and detail-oriented Program Analyst in our Security Department in Cleveland-Cliffs HQ, based in Cleveland, Ohio. The ideal candidate will have a passion for leveraging data analytics to improve security protocols, id ...

  • ReliabilityFirst Corporation

    Senior Security Analyst

    1 week ago

    ReliabilityFirst Corporation Cleveland, United States

    About RF: · ReliabilityFirst Corporation is a regulator focused on the reliability and security of the electric grid. ReliabilityFirst's mission is to preserve and enhance the reliability, security, and resilience of the Bulk Power System across 13 states and the District of Colu ...

  • ReliabilityFirst

    Senior Security Analyst

    1 week ago

    ReliabilityFirst Cleveland, United States

    About RF: · ReliabilityFirst Corporation is a regulator focused on the reliability and security of the electric grid. ReliabilityFirst's mission is to preserve and enhance the reliability, security, and resilience of the Bulk Power System across 13 states and the District of Colu ...

  • MCPc Holdings, Inc.

    Cyber Security Analyst

    2 weeks ago

    MCPc Holdings, Inc. Cleveland, United States

    Fortress Security Risk Management is a nationally recognized full-spectrum cybersecurity firm dedicated to protecting its clients from the financial, operational, and emotional ravages of cybercrime. Headquartered in Cleveland, OH, Fortress primarily has a regional footprint but ...

  • MCPc

    Cyber Security Analyst

    1 week ago

    MCPc Cleveland, United States

    Company Description · Fortress Security Risk Management is a nationally recognized full-spectrum cybersecurity firm dedicated to protecting its clients from the financial, operational, and emotional ravages of cybercrime. Headquartered in Cleveland, OH, Fortress primarily has a ...

  • The Sherwin-Williams Company

    Network Security Analyst

    1 week ago

    The Sherwin-Williams Company Cleveland, United States

    Strategy & Planning Participate in the planning and designing of enterprise security architecture, under the direction of the IT Lead Security Analyst, where appropriate. · Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, ...

  • CGI Technologies and Solutions, Inc.

    Application Security Analyst

    4 days ago

    CGI Technologies and Solutions, Inc. Cleveland, United States

    Application Security Analyst - Hybrid · Category: Cyber Security · Main location:, Various · Alternate Location(s): United States, North Carolina, Raleigh · United States, Ohio, Cleveland · Position ID: J · Employment Type: Full Time · Position Description: · CGI has an immediat ...

  • ReliabilityFirst

    Senior Security Analyst

    2 weeks ago

    ReliabilityFirst Cleveland, United States

    About RF: · Do not wait to apply after reading this description a high application volume is expected for this opportunity. · ReliabilityFirst Corporation is a regulator focused on the reliability and security of the electric grid. ReliabilityFirst's mission is to preserve and ...

  • CGI Technologies and Solutions, Inc.

    Application Security Analyst

    9 hours ago

    CGI Technologies and Solutions, Inc. Cleveland, United States

    Application Security Analyst - Hybrid · Category: Cyber Security · Main location: United States, Various · Alternate Location(s): United States, North Carolina, Raleigh · United States, Ohio, Cleveland · Position ID: J · Employment Type: Full Time · Position Description: · CGI h ...

  • TalentBurst

    Info Security Analyst

    2 weeks ago

    TalentBurst Cleveland, United States

    Job Title: Info Security Analyst · Position is 100% Remote · Duration of assignment until for now. · Start date is · Job Description: · The ideal candidate for this position has an in-depth knowledge of security and technology, with strong understanding of risk management. The ...

  • ReliabilityFirst

    Senior Security Analyst

    2 weeks ago

    ReliabilityFirst Cleveland, United States

    About RF: · ReliabilityFirst Corporation is a regulator focused on the reliability and security of the electric grid. ReliabilityFirsts mission is to preserve and enhance the reliability, security, and resilience of the Bulk Power System across 13 states and the District of Colu ...

  • The Sherwin-Williams Company

    Network Security Analyst

    2 weeks ago

    The Sherwin-Williams Company Cleveland, United States

    Strategy & Planning · Participate in the planning and designing of enterprise security architecture, under the direction of the IT Lead Security Analyst, where appropriate. · Participate in the creation of enterprise security documents (policies, standards, baselines, guideline ...

  • Exodus Integrity Services

    IT Information Security Analyst

    1 week ago

    Exodus Integrity Services Cleveland, United States

    Exodus Integrity Services, Inc is a rapidly expanding technology company headquartered in Northeast Ohio. EIS provides quality services to our clients by instilling honesty, commitment, and hard work to find the most qualified candidates to fill each opportunity.Currently, we are ...

  • Medical Mutual

    IT Security Analyst II

    1 week ago

    Medical Mutual Cleveland, United States Full time

    Job Description - IT Security Analyst II - IV Job Description IT Security Analyst II - IV Description Founded in 1934, Medical Mutual is the oldest and one of the largest health insurance companies based in Ohio. We provide peace of mind to more than 1.6 million Ohioans through ...

  • Exodus Integrity Services

    IT Information Security Analyst

    5 days ago

    Exodus Integrity Services Cleveland, United States

    Exodus Integrity Services, Inc is a rapidly expanding technology company headquartered in Northeast Ohio. EIS provides quality services to our clients by instilling honesty, commitment, and hard work to find the most qualified candidates to fill each opportunity.Currently, we are ...

  • Sherwin-Williams

    Network Security Analyst

    2 weeks ago

    Sherwin-Williams Cleveland, United States

    Job Description · Strategy & PlanningParticipate in the planning and designing of enterprise security architecture, under the direction of the IT Lead Security Analyst, where appropriate. · Participate in the creation of enterprise security documents (policies, standards, baseli ...

  • RightTalents LLC

    Information Security Analyst

    1 week ago

    RightTalents LLC Cleveland, United States

    Job Description: · The ideal candidate for this position has an in-depth knowledge of security and technology, with strong understanding of risk management. The candidate must be able to make decisions based on prior experience in a large enterprise environment and their solid u ...

  • RightTalents LLC

    Information Security Analyst

    1 week ago

    RightTalents LLC Cleveland, United States

    Job Description: · The ideal candidate for this position has an in-depth knowledge of security and technology, with strong understanding of risk management. The candidate must be able to make decisions based on prior experience in a large enterprise environment and their solid un ...

  • RightTalents LLC

    Information Security Analyst

    1 week ago

    RightTalents LLC Cleveland, United States

    Job Description: · The ideal candidate for this position has an in-depth knowledge of security and technology, with strong understanding of risk management. The candidate must be able to make decisions based on prior experience in a large enterprise environment and their solid ...