Jobs for People with MS: National MS Society

Mobile National MS Society Logo
Home View All Jobs (2,003,521)

Job Information

Synchrony Bank AVP, Application Security Static Analyst (Multiple Positions) in Stamford, Connecticut

AVP, Application Security Static Analyst (Multiple Positions), Synchrony Bank,

Stamford

, CT.

Develop and implement effective security controls pertaining to information systems. Execute static and open-source security assessments on custom-coded applications including web applications, web services, and APIs. Review security findings with application teams, and support remediation tracking. Perform False Positive Analysis, secure code review, and audit/triage of findings in collaboration with developers to ensure true positives are identified and addressed. Validate remediation of SAST and SCA assessment findings. Create and enhance internal documentation such as application security process, standards, guidelines, job aids and run books. Enforce the security requirements defined in the internal documentation. Identify and escalate instances of non-compliance. Operate in an Agile development environment, understanding tools, concepts, and methodologies. Support the collection of data and documentation in support of examination and audits.

40 hrs/week, Mon-Fri, 8:30 a.m. - 5:30 p.m.

MINIMUM REQUIREMENTS

:

Bachelors degree or foreign equivalent degree in Electronic Engineering, Information Technology, or a related field, and three (3) years of, related work experience.

Must have three (3) years of experience with/in:

  • Static Application Security Testing (SAST) and Software Composition Analysis (SCA);
  • Common security vulnerabilities and weaknesses, including OWASP Top 10;
  • At least one of the following application security assessments tools: Micro Focus Fortify, Micro Focus Software Security Center (SSC), Sonatype Nexus IQ Server, and/or other commonly used SAST and SCA enterprise tools;
  • Secure coding practices or System Integration;
  • Configuring, integrating, and supporting SAST and SCA application security tools in DevOps CI/CD pipelines; and
  • Implementing security in every phase of SDLC.

100% telecommuting permitted.

To apply, email resume to HR Manager referencing job code CT0065 in subject line to: kristine.mackey@syf.com.

DirectEmployers