Application Security Analyst
Position Overview:
The Application Security Analyst is ideally based Baltimore, MD.
Candidates may also be considered in Fort Worth, New York City, Evansville, and Fort Mill.
Application Security Analyst will scan, track, analyze, and report on vulnerabilities in open-source software as part of the vulnerability management process.
To accomplish this, you will work closely with our internal security teams, managed service providers, project team, and other partners to help develop an open-source security component of vulnerability management that is resilient and supportable.
Description:
o Triaging and analyzing potential vulnerabilities discovered within open-source dependencieso Further researching known vulnerabilities to determine characteristics such as severity and exploitability related to open-source tools and softwareo Using research to verify or disqualify potential vulnerabilitieso Building threat models and mapping software/tool dependencieso Using data analyst techniques to answer research questions about vulnerabilities, and general threat intelligence trendso Training machine learning models to find where vulnerabilities are mostly likely to lie, using verified known vulnerabilities, information about how the open-source community operates, and the static code itselfoWork with various other stakeholders on an Open-Source Software Committee for approvals and onboarding of OSSoMonitor quality and performance of open-source applications through testing and maintenance
Experience:
o 3 years of cyber security experience specifically working in Vulnerability Managemento 2-4 years of information security technology experience (experience with SOC environment, incident response, threat hunting, and SIEM experience a plus)o Experience using application security toolso Experience with open-source software and tools including, but not limited to implementing, patching, remediation, and removalo Experience with vulnerability and patch assessmento Experience with vulnerabilities and dealing with vulnerability disclosuresSkills:
o Excellent writing and presentation skills are required to communicate findings and statuso Cleary communicate priorities and escalation points/procedures to other team memberso Detail oriented, organized, methodical, follow up skills with an analytical thought processo Experience analyzing software code and documenting/providing technical expertiseCybersecurity Tech, a team within OneMain's Technology department, is a fast-growing team focused on providing expert insight into risk, developing team members, and effective oversight of cybersecurity and technology risk.
This is a team where you can work with great team members across the Cyber Risk, Cyber Tech, Risk Management, and Technology organizations.
You will be challenged to excel with exciting and challenging opportunities daily.
There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals.
Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization.
Within the Cybersecurity Tech team, you will be conducting meaningful work and making a difference in the lives of OneMain's customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, protecting data, and developing cyber resilient programs.
Note:
Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
Benefits:
Because we want our team members to bring us their very best every day, we believe they deserve the right opportunities and benefits.
That's why we packed our comprehensive benefits package for full- and some part-timers with:
Health and wellbeing options for team members and their dependentsUp to 4% matching 401(k)Tuition reimbursementContinuing educationBonus eligiblePaid time offPaid volunteer time And more Our Company:
OneMain Financial is the country's largest lending-exclusive financial company, proudly serving millions of customers with safe, affordable and transparent installment loans.
Our customers turn to us every day--online and at 1,500 branches in 44 states--to help them take control and improve their financial lives with solutions for debt consolidation, medical expenses, household bills, home improvements and auto purchases.
Our talented and dedicated team members constantly look for responsible ways to serve our customers when, where and how they want.
It's all about doing the right thing--a mission that hasn't changed for more than 100 years.
#LI-EK1Salary:
$13.
96 - $22.
12.
Estimated Salary: $20 to $28 per hour based on qualifications.
The Application Security Analyst is ideally based Baltimore, MD.
Candidates may also be considered in Fort Worth, New York City, Evansville, and Fort Mill.
Application Security Analyst will scan, track, analyze, and report on vulnerabilities in open-source software as part of the vulnerability management process.
To accomplish this, you will work closely with our internal security teams, managed service providers, project team, and other partners to help develop an open-source security component of vulnerability management that is resilient and supportable.
Description:
o Triaging and analyzing potential vulnerabilities discovered within open-source dependencieso Further researching known vulnerabilities to determine characteristics such as severity and exploitability related to open-source tools and softwareo Using research to verify or disqualify potential vulnerabilitieso Building threat models and mapping software/tool dependencieso Using data analyst techniques to answer research questions about vulnerabilities, and general threat intelligence trendso Training machine learning models to find where vulnerabilities are mostly likely to lie, using verified known vulnerabilities, information about how the open-source community operates, and the static code itselfoWork with various other stakeholders on an Open-Source Software Committee for approvals and onboarding of OSSoMonitor quality and performance of open-source applications through testing and maintenance
Experience:
o 3 years of cyber security experience specifically working in Vulnerability Managemento 2-4 years of information security technology experience (experience with SOC environment, incident response, threat hunting, and SIEM experience a plus)o Experience using application security toolso Experience with open-source software and tools including, but not limited to implementing, patching, remediation, and removalo Experience with vulnerability and patch assessmento Experience with vulnerabilities and dealing with vulnerability disclosuresSkills:
o Excellent writing and presentation skills are required to communicate findings and statuso Cleary communicate priorities and escalation points/procedures to other team memberso Detail oriented, organized, methodical, follow up skills with an analytical thought processo Experience analyzing software code and documenting/providing technical expertiseCybersecurity Tech, a team within OneMain's Technology department, is a fast-growing team focused on providing expert insight into risk, developing team members, and effective oversight of cybersecurity and technology risk.
This is a team where you can work with great team members across the Cyber Risk, Cyber Tech, Risk Management, and Technology organizations.
You will be challenged to excel with exciting and challenging opportunities daily.
There is transparency and great support from management teams to allow team members to be effective, grow their careers and meet company goals.
Hard work and initiative are rewarded and recognized by management and colleagues alike, which promotes a culture of respect and value across the organization.
Within the Cybersecurity Tech team, you will be conducting meaningful work and making a difference in the lives of OneMain's customers and team members by promoting a cybersecurity culture, optimizing cybersecurity capabilities, protecting data, and developing cyber resilient programs.
Note:
Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
Benefits:
Because we want our team members to bring us their very best every day, we believe they deserve the right opportunities and benefits.
That's why we packed our comprehensive benefits package for full- and some part-timers with:
Health and wellbeing options for team members and their dependentsUp to 4% matching 401(k)Tuition reimbursementContinuing educationBonus eligiblePaid time offPaid volunteer time And more Our Company:
OneMain Financial is the country's largest lending-exclusive financial company, proudly serving millions of customers with safe, affordable and transparent installment loans.
Our customers turn to us every day--online and at 1,500 branches in 44 states--to help them take control and improve their financial lives with solutions for debt consolidation, medical expenses, household bills, home improvements and auto purchases.
Our talented and dedicated team members constantly look for responsible ways to serve our customers when, where and how they want.
It's all about doing the right thing--a mission that hasn't changed for more than 100 years.
#LI-EK1Salary:
$13.
96 - $22.
12.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
