IT GRC Application Security Analyst - Req. 1901249

Raymond James Saint Petersburg , FL 33701

Posted 4 months ago

Description

The IT GRC Application Security Analyst will serve as the interface between software developers and the IT GRC and Information Security teams. Their mission is to ensure the security of applications by working with software developers to build secure systems, by prioritizing and tracking security issues identified at the application layer, and by monitoring the security of applications in production. If you are a disruptor, not settling for "the way it's always been done", if you want to continuously define and refine your role, driving your own priorities, this role is for you. The ideal candidate will have a broad and technical information security skillset and the drive to develop professionally into a role that advocates for the inclusion of security principles across multiple business units and IT functional areas.

Responsibilities:

The day-to-day responsibilities of the IT GRC Application Security Analyst includes:

CONSULTING

  • Performing code and design reviews of internal and external software products

  • Developing and implementing automated tests to enforce security standards

  • Developing a security training and education program for software developers

VULNERABILITY MANAGMENT

  • Prioritizing and tracking application security issues across the firm

  • Working with software engineering teams to ensure timely resolution of issues

  • Analyzing issue metrics to surface patterns

  • Identify, highlight, and provide application security recommendations during requirement and design reviews

  • Track open issues and follow up with different teams to address the open issues.

GOVERNANCE, RISK, AND COMPLIANCE

  • Supporting IT GRC initiatives across a broad responsibility spectrum

  • Performs other duties and responsibilities as assigned.

Qualifications

EXPERIENCE AND SKILLS

  • Bachelor's degree in Computer Science, MIS or related degree and a minimum of three (3) years of relevant development or engineering experience or combination of education, training and experience.

  • Strong programming background especially in languages like Java/C#, T-SQL, JavaScript strongly preferred

  • Knowledge of authentication mechanisms like SAML, OAuth, etc.

  • Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc.

  • Experience in secure application programming, code reviewing, and penetration testing web based applications (HP Fortify, TFS, WebInspect, Qualys, F5 ASM)

  • Experience in security testing mobile applications.

  • Knowledge of IT Governance, Risk, and Compliance concepts will help in this role, but they can be learned.

  • Ability to work effectively with technical and non-technical personnel in a cross-functional setting

  • Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments

  • Identify security risks and develop solutions to eliminate or minimize risks

  • Knowledge of software design, software and network architecture, protocols, and standards

  • Excellent verbal and written communication skills

  • CISSP certification desirable

Licenses/Certifications:

  • Industry leading certifications and additional technical certifications a strong plus.

Raymond James Guiding Behaviors

At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view.

We expect our associates at all levels to:

  • Grow professionally and inspire others to do the same

  • Work with and through others to achieve desired outcomes

  • Make prompt, pragmatic choices and act with the client in mind

  • Take ownership and hold themselves and others accountable for delivering results that matter

  • Contribute to the continuous evolution of the firm

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Application Dev Manager Req 1901351

Raymond James

Posted 2 days ago

VIEW JOBS 8/22/2019 12:00:00 AM 2019-11-20T00:00 Description Job Summary: This position supports the Enterprise Risk Technology (primarily on Credit and Market Risk) business groups in utilization of information technology to drive business and/or revenue growth and improve efficiencies. Extensive contact with all management levels and other internal customers is required to identify, research, analyze and resolve complex information technology issues. Manages team responsible for application development and modification and/or maintenance of applications. Incumbents must have in-depth knowledge of development tools and language and be able to work closely with business partners to define requirements for systems applications. The position will manage a team of developers in supporting a number of systems that is used to monitor the firm's Credit and Market Risk exposures. The person will work with the business in defining the roadmap and system architecture, managing the development lifecycle and the overall health of the various systems. Essential Duties and Responsibilities: * Drives IT solutions to ensure they meet the business needs balanced with a pragmatic and integrated approach to the design of technical solutions. * Works with vendors and other enterprise applications on integration points of various systems. * Understands and applies enterprise wide thinking to individual departmental requests for IT investments to ensure end-to-end process and data integration are achieved. * Leads projects to successful completion as defined by predetermined project success criteria including those established by the business, capital expenditure and budget requirements. * Influences the prioritization of business unit technology projects, optimal project structure and project administration to ensure strategic business objectives are met and risk is managed. * Focuses on workforce management to accurately capture IT resource capacity involving resources (internal and/or external), processes and practices. * Develops and maintains development methodology (templates, processes and deliverables) and ensures all IT resources understand their responsibilities in this process. * Partners with Architecture Team to assess how technologies can best streamline processes and/or add business value. * Provides quick project turnarounds and flexibility by leveraging SDLC methodology and industry best practices. * Remains up to date on key technology, business and industry trends. * Develops budget/ annual goals and objectives; holds organization accountable for attaining goals and objectives. * Performs other duties and responsibilities as assigned. Qualifications Experience and Skills: * Minimum of a Bachelor's degree in Computer Science, MIS or related degree and at least seven (7) years of relevant experience including management or leadership experience or an equivalent combination of education, training and experience. * Must have hands on development experience in .NET, SQL Server and Qlikview. * Must have at least 7 years of experience in designing and implementing enterprise systems. * Must have Agile development experience. * Must have at least 5 years of development management. * Risk Management experience highly preferred. * Financial Services experience highly preferred. * Experience in the following: project management, enterprise implementation, leadership experience, strategic planning, business acumen, application development. * May occasionally work a non-standard schedule including nights and/or weekends and/or have on-call responsibilities. Licenses/Certifications: * None required. Competencies and Behaviors: Lead the Team Creates/maintains a competitive organization by attracting, developing and retaining talent to ensure people with the right skills & motivations are in the right place at the right time to meet business needs. * Builds a cohesive team, and develops structure & direction to meet or exceed customer needs. * Leverages systems & processes to attract, develop & retain talented individuals. * Provides feedback, empowerment and coaching to help others excel in current and future job responsibilities. * Creates a trusting work environment where people can realize their full potential. Enhance Client Experience Builds and maintains strong internal and external relationships. Enhances the customer service experience to drive competitive advantage. * Ensures customer perspective is driving force behind business decisions and activities. * Ensures customer solutions, practices and procedures are carried out and achieve their objectives. * Builds strategic partnerships within the organization to collaboratively execute business goals. * Interacts with others in a way that promotes openness & trust and gives confidence in one's intentions. Advances Strategic Opportunities Gains competitive advantage by developing, supporting and/or promoting innovative strategies, products or processes which align with the firm's vision and goals and enhance the firm's reputation/brand. * Identifies and drives organizational changes needed to adapt to changing customer and market demands. * Establishes and commits to long-term business direction and sets meaningful performance objectives that align to values & strategies. * Communicates information in a compelling way that drives others to achieve team and firm goals. * Encourages others to seek opportunities for different and innovative approaches to addressing problems and opportunities. Drive High Performance Executes business and organizational objectives that build and support sustained revenue growth, maximize firm results and effectively leverage people/processes. * Uses customer centric approaches for choosing courses of action or developing appropriate solutions. * Aligns communication, accountability, resources & processes to ensure strategic priorities yield measurable and sustainable results. * Tenaciously works to deliver team goals with the greatest potential for producing positive business results. * Establishes high standards and challenging goals for individual, team and organizational accomplishment. Raymond James Guiding Behaviors At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view. We expect our associates at all levels to: * • Grow professionally and inspire others to do the same * • Work with and through others to achieve desired outcomes * • Make prompt, pragmatic choices and act with the client in mind * • Take ownership and hold themselves and others accountable for delivering results that matter * • Contribute to the continuous evolution of the firm Raymond James Saint Petersburg FL

IT GRC Application Security Analyst - Req. 1901249

Raymond James