Jobs for People with MS: National MS Society

Mobile National MS Society Logo
Home View All Jobs (2,208,449)

Job Information

Paycom Online Application Security Analyst III in Oklahoma City, Oklahoma

The Application Security Analyst III position exists to protect the security posture of the Paycom application through tasks such as advanced web application penetration testing, code review, tool use, and other as-needed security reviews. Additional tasks include work to develop or improve existing projects that contribute to application security, and user education.

RESPONSIBILITIES

  • Perform and lead advanced web penetration test assessments and manual code review.

  • Work closely with Software Development Delivery teams, Product Owners and Development Project Managers to identify module-specific risks through threat modeling and provide mitigation recommendations to meet business and security requirements.

  • Provide guidance and train members of the software development teams on security best practices and encourage a culture of security awareness.

  • Participate in threat modeling processes and document module risks and potential mitigation techniques.

  • Contribute to the development of in-house security solutions, utilized for security testing and to meet compliance/regulatory requirements, as needed.

  • Work with the DevOps team on the integration of security tools into the DevOps lifecycle.

  • Research 3rd party tools, software libraries, APIs, and other incoming technology for security viability and document any concerns prior to application integration.

  • Interface with other departments to gain insight into new technology and initiatives as needed.

  • Train and guide other Application Security Analysts on threat modeling, advanced penetration testing, and development processes within Application Security.

  • Analyze complex or recurring issues within the application and work with the software development teams on remediation.

  • Act as a SME on assigned modules, advanced vulnerabilities, and automation technologies.

  • Attend trainings, pursue certifications, and research vulnerabilities, remediations, and new technology to learn and stay up to date on security best practices.

  • Contribute to the creation, maintenance, and improvement of documentation around security, policies, standards, guides, and procedures where applicable.

Qualifications

Education/Certification:

  • Bachelors or Master’s Degree in Management Information Systems, Computer Science or Cyber Security.

Experience:

  • *At least 3 years of experience in Application Security.

  • Strong experience with the OWASP Top 10 vulnerabilities.

  • Experience implementing information security principles and practices.

  • Solid understanding of web server architecture and relevant concepts: HTTP, TLS, DNS, WAF, etc.

  • Experience with one or more programming/scripting languages highly recommended: PHP, Python, C#, Java, C++, C, JavaScript, React.

  • Basic understanding of cloud infrastructure and technologies: Kubernetes, Docker, etc.

  • Basic experience with the following technologies is highly recommended but not required: SQL (MySQL/MSSQL/Postgres), NoSQL, HTML, CSS

  • Experience with the following operating systems is highly recommended but not required: Linux distributions (Ubuntu, Kali Linux, Debian, Red Hat), iOS, Android OS, macOS.

  • Strong analytical and problem-solving skills.

  • Strong verbal and written communication skills.

* Will consider an equivalent combination of relevant education and experience.

PREFERRED QUALIFICATIONS

Education/Certification:

  • Industry Certification (CASP+, Pentest+, Burp Suite Certified Practitioner, OSCP, CISSP, etc.) preferred.

Paycom is an equal opportunity employer and prohibits discrimination and harassment of any kind. Paycom makes employment decisions on the basis of business needs, job requirements, individual qualifications and merit. Paycom wants to have the best available people in every job. Therefore, Paycom does not permit its employees to harass, discriminate or retaliate against other employees or applicants because of race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, military and veteran status, age, physical or mental disability, genetic characteristic, reproductive health decisions, family or parental status or any other consideration made unlawful by applicable laws. Equal employment opportunity will be extended to all persons in all aspects of the employer-employee relationship. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation benefits, and separation of employment. The Human Resources Department has overall responsibility for this policy and maintains reporting and monitoring procedures. Any questions or concerns should be referred to the Human Resources Department. **To learn more about Paycom's affirmative action policy, equal employment opportunity, or to request an accommodation - Click on the link to find more information:** paycom.com/careers/eeoc

DirectEmployers