Previous Job
Application Security Analyst
Ref No.: 18-01544
Location: Newark, New Jersey
Position Type:Contract
Experience Level: 6 Years
Start Date / End Date: 09/03/2018 to 03/02/2019
Application Security Analyst

The Application Security Analyst will partner with developers to conduct application security assessments. The individual will work closely with technical teams and analyze potential security impacts and pitfalls associated with threats and vulnerabilities to applications and systems. Candidate will advise developers and technical teams on options to mitigate the risk. The candidate must have excellent verbal, written and interpersonal communication skills.

Major Responsibilities
  • Perform application code review and provide recommendations to the developers on how to fix the vulnerabilities identified.
  • Write reports including recommendations, root cause analysis, security summary analysis
  • Strong knowledge of API and API security as well as script languages (Python, Perl, Ruby) and build automation tools on an ad-hoc basis
  • Lead projects related to security portfolio to strengthen the overall CyberSecurity posture
  • Write and optimize custom rules on automated source code scanning tools
  • Review business requirements and provide risk based security recommendations during the initial phases of SDLC
  • Perform architecture reviews and Threat Modeling and create assessment reports with recommendations to bridge the security gaps
  • Design and assess SaaS and IaaS cloud services and virtualization technologies, e.g. Amazon Web Services (AWS) and VMWare
  • Experience of building security into continuous integration and delivery (CI/CD) pipeline
  • Learn on the job and explore new technologies with little supervision to identify new and emerging security threats
  • Create and deliver knowledge sharing presentations and documentation to security, developers and operations teams

  • Requires bachelor's degree in computer science or information security
  • Requires a minimum of 6 years of professional IT work experience or a master's degree and 4 years of professional work experience
  • Minimum of 3 years of security or developing web applications experience
  • Experience reading and understanding code in the following languages such as HTML5, Java, JavaScript, Objective-C, C++, C#, Python, Perl, etc.

Additional Licensing, Certifications, Registrations
  • CISSP, SANS Certifications
  • Programming Certifications

Knowledge of
  • Common vulnerabilities in the OWASP top 10 list
  • Protocols/technologies such as SOA, HTTP, SSL, LDAP, JDBC, Servlet/JSP, SQL, HTML, XML
  • Java Application and Java Application Server administration/tuning
  • Amazon Web Services (AWS) and/or VMware vCloud and/or

Skills and Abilities
  • Ability to program in one of the following programming languages: Java, JavaScript, C#, C, C++
  • Ability to understand software design algorithms
  • Strong knowledge of one or more of the following programming languages: HTML5, Java, Objective-C , C#, C++, SQL is preferred
  • Ability to write scripts in languages such as Python, BASH, or PowerShell for automation preferred
  • Ability to read and debug code

For more information please contact Fabio Jimenez at 201-565-0302.

Since 1995, iTech Solutions Inc., has been providing IT Consulting and Direct Hire Services to the Insurance, Financial, Communications, Manufacturing  and Government sectors with local offices in Connecticut, Minnesota, Colorado,  Massachusetts, Tennessee, North Carolina, and New Jersey / Pennsylvania area. 

Our recruiting strategy is simple, if you want to find qualified IT professionals then use IT professionals to find them.   So at iTech Solutions,  our personnel are all career IT professionals with a wide range of IT experience.  We can honestly say our staff understands the technologies, the complexities of finding and selecting the appropriate personnel and the pressures of running successful IT projects.  

Employer will not sponsor applicants for any employment visas, at hiring or in the future, including but not limited to H-1B visas. Corp-to-Corp or subcontract personnel will not be considered for this position.