Application Security Analyst

Consumers Energy Jackson , MI 49201

Posted 1 week ago

Join a diverse and dynamic team that makes and delivers the most valuable services in the world: electricity and natural gas. At Consumers Energy, our customers are at the heart of everything we do.

Our employees work around the clock to provide service to our customers in honor of our history and to fulfill our promise to Michigan - Count on Us! Consumers Energy, the principal subsidiary of CMS Energy and headquartered in Jackson, Michigan, provides natural gas and electricity to nearly 6.8 million of Michigan's 10 million residents in all 68 Lower Peninsula counties.

The Consumers Energy Vulnerability Management Team focuses on evaluating the security posture of Web Applications, Mobile Applications, API's and Web Services. The Application Security Analyst will work jointly with Development Teams and Architects to review application code and be able to articulate security posture of applications and back-end systems.

Conduct web and mobile application security vulnerabilities assessments using Static Application Security Test (SAST) and Dynamic Application Security Test (DAST) using scanning tools / manual checks and notify the appropriate team to take necessary action. An understanding of modern web application development languages is necessary to communicate mitigating controls and potential remediation activities

Responsibilities:

  • Perform static code analysis for web application written in.NET

  • Perform web application vulnerability assessments

  • Create processes for automating manual tasks used by the vulnerability management team

Requirements:

  • Requires a bachelor's degree preferably in an Information Technology field . Less than a bachelor's degree may be acceptable if accompanied by other technical training and extensive experience (internal/external) in positions that demonstrate required abilities and performance.
  • 1+ years .NET experience

Overview

The IT Technical Job Family is utilized in Information Technology. Typically employees in this job family are required to design or maintain technology systems, to utilize various computer software programs, and to design, develop and/or provide advice and counsel on the operation of equipment, processes and procedures.

They are responsible for ensuring adherence to laws and regulations applicable to Company employees. This job family includes Application Development, Infrastructure, Information Security, and Architecture. This position has remote capability.

Nature of Work

Maintains awareness of the latest critical information security vulnerabilities, threats, and exploits

Provide guidance on existing and emerging threats in the web and mobile application landscape

Assist in conducting and facilitating security reviews, as directed by leadership, throughout the application development lifecycle, including tasks such as:

Performing, and improving security assessments for applications across the enterprise

Static (SAST) & Dynamic (DAST) Application Security Testing and/or penetration testing of applications and source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities

Essential Functions

Communicating technical application security concepts to developers

Training developers on application security and remediation of application security code defects

Identify enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Vulnerability Management program.

Improve enterprise security posture through close collaboration with teams to ensure the adoption of security best practices across the entire application lifecycle.

Implement policies in in accordance with security best practices.

Conduct security reviews of application scan results.

Hours and Travel

Meet travel requirements of the position. Work a flexible schedule, which may include evenings, weekends, holidays and overtime.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit, stand, walk, stoop, kneel, crouch, crawl, and use hands to finger, handle, or feel objects. The employee frequently is required to talk or hear. The employee must lift and move up to twenty pounds.

Specific vision abilities required by this job include close vision, color vision, depth perception, and the ability to adjust focus. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually moderate.

Position will be filled at the appropriate salary grade based upon the skills, knowledge, and experience of the selected candidate.

All qualified applicants will not be discriminated against and will receive consideration for employment without regard to protected veteran status, disability, race, color, religion, sex, sexual orientation, gender identity or national origin.

Nearest Major Market: Jackson Michigan

Nearest Secondary Market: Ann Arbor

Job Segment: Information Systems, Developer, Application Developer, Testing, Information Security, Technology



icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Application Security Analyst

CMS Energy

Posted 1 week ago

VIEW JOBS 10/14/2020 12:00:00 AM 2021-01-12T00:00 Join a diverse and dynamic team that makes and delivers the most valuable services in the world: electricity and natural gas. At Consumers Energy, our customers are at the heart of everything we do. Our employees work around the clock to provide service to our customers in honor of our history and to fulfill our promise to Michigan - Count on Us! Consumers Energy, the principal subsidiary of CMS Energy and headquartered in Jackson, Michigan, provides natural gas and electricity to nearly 6.8 million of Michigan's 10 million residents in all 68 Lower Peninsula counties. The Consumers Energy Vulnerability Management Team focuses on evaluating the security posture of Web Applications, Mobile Applications, API's and Web Services. The Application Security Analyst will work jointly with Development Teams and Architects to review application code and be able to articulate security posture of applications and back-end systems. Conduct web and mobile application security vulnerabilities assessments using Static Application Security Test (SAST) and Dynamic Application Security Test (DAST) using scanning tools / manual checks and notify the appropriate team to take necessary action. An understanding of modern web application development languages is necessary to communicate mitigating controls and potential remediation activities Responsibilities: * Perform static code analysis for web application written in.NET * Perform web application vulnerability assessments * Create processes for automating manual tasks used by the vulnerability management team Requirements: * Requires a bachelor's degree preferably in an Information Technology field . Less than a bachelor's degree may be acceptable if accompanied by other technical training and extensive experience (internal/external) in positions that demonstrate required abilities and performance. * 1+ years .NET experience Overview The IT Technical Job Family is utilized in Information Technology. Typically employees in this job family are required to design or maintain technology systems, to utilize various computer software programs, and to design, develop and/or provide advice and counsel on the operation of equipment, processes and procedures. They are responsible for ensuring adherence to laws and regulations applicable to Company employees. This job family includes Application Development, Infrastructure, Information Security, and Architecture. This position has remote capability. Nature of Work Maintains awareness of the latest critical information security vulnerabilities, threats, and exploits Provide guidance on existing and emerging threats in the web and mobile application landscape Assist in conducting and facilitating security reviews, as directed by leadership, throughout the application development lifecycle, including tasks such as: Performing, and improving security assessments for applications across the enterprise Static (SAST) & Dynamic (DAST) Application Security Testing and/or penetration testing of applications and source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities Essential Functions Communicating technical application security concepts to developers Training developers on application security and remediation of application security code defects Identify enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Vulnerability Management program. Improve enterprise security posture through close collaboration with teams to ensure the adoption of security best practices across the entire application lifecycle. Implement policies in in accordance with security best practices. Conduct security reviews of application scan results. Hours and Travel Meet travel requirements of the position. Work a flexible schedule, which may include evenings, weekends, holidays and overtime. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, stand, walk, stoop, kneel, crouch, crawl, and use hands to finger, handle, or feel objects. The employee frequently is required to talk or hear. The employee must lift and move up to twenty pounds. Specific vision abilities required by this job include close vision, color vision, depth perception, and the ability to adjust focus. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually moderate. Position will be filled at the appropriate salary grade based upon the skills, knowledge, and experience of the selected candidate. CMS Energy Jackson MI

Application Security Analyst

Consumers Energy