#Location - US Remote within the Eastern/Central time zones only

About iconectiv

Your business and your customers need to confidently access and exchange information simply, seamlessly and securely. iconectiv's extensive experience in information services, digital identity and numbering intelligence helps you do just that. In fact, more than 5K customers rely on our data exchange platforms each day to keep their networks, devices and applications connected and 2B consumers and businesses protected. Our cloud-based information as a service network and operations management and numbering solutions span trusted communications, digital identity management and fraud prevention. For more information, visit www.iconectiv.com . Follow us on X and Linkedln.

Responsibilities:

The Information Security, Application and System Testing Analyst will be responsible for maintaining a fully mature enterprise-wide IT Application and System Security Testing program. This role is challenged with the responsibility of identifying and safeguarding applications, systems, and emerging technologies while applying information security best practices. In addition, this role will be responsible for enhancing a robust cyber security Software Development Lifecycle (SDLC). This position will also have operational responsibility in the disciplines of: vulnerability management; incident response; malware analysis; audit and compliance schedules; security best practices to large database and high-transaction software systems in the Telecommunications space; advancing the program development of key risk and performance indicators with documented metrics.

Some essential functions of the role include, but are not limited to the following:

• Work with sensitive and confidential information while maintaining the highest level of confidentiality, professionalism, and ethics

• Maintain documented procedures and follow industry best practices for conducting application, system, and malware testing

• Contribute to helping others learn industry security tradecraft

• Perform application and system vulnerability assessments across the enterprise

• Monitor overall IT Security Operations effectiveness

• Assist with incident response and potential breach activities, on a 24x7 schedule, if necessary

• Perform code reviews across a variety of programming languages and business units

• Performing assessments of System Development Life Cycle (SDLC) processes

• Developing test scripts and procedures to support the program’s tactical and strategic initiatives

• Other security-related projects that may be assigned according to skills

Required Qualifications:

Candidates for this role must have direct experience with the following:

• Minimum of 2+ years work experience in application security

• Minimum education requirement of B.S. degree in Computer Science or equivalent work experience

• Strong ethics and understanding of ethics in business and information security

• Experience performing code reviews

• Experience in or strong understanding of software development / writing coding

• Experience remediating vulnerabilities with business partners

• Knowledge of OWASP tools and methodologies

• Understanding of Java, C# and other web programming languages

• Understanding of scripting languages such as: Python, Go, AngularJS

• Knowledge of secure system configurations for both Windows and Linux platforms

• Knowledge of how to secure and configure Webserver Technologies such as Apache, IIS, Tomcat etc.

• Ability to complete tasks and deliver professionally written and oral reports to clients at all levels of the organization

• Possess current security certifications (e.g., CSSLP, CASS, OSWE)

• Participate and contribute to enterprise security breach response activities; 24x7 schedule, if necessary

• Collaborate with both internal and external partners to develop and update Security Operations standards, procedures, guidelines, and best practices

• Developing and reporting of key information, metrics, security performance, and driving enterprise processes

• Excellent communication, collaboration, and strong project management skills

• The ability to obtain a government clearance, if needed

• US Citizenship required

Additional Skills:

• Experience working with malware and applying reverse engineering techniques

• Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, Burp Suite Pro, amongst others)

• Experience with creating scripts (e.g., PowerShell, Pearl, Python, Go)

• Experience with application and system analysis tools (e.g., HP Fortify, Checkmarx, BlackDuck)

• Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))

• Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)

• Understanding of container and automation technologies such as Jenkins, Puppet, Chef, Docker, Kubernetes etc.

Full Time Employee benefits:

• Health care benefits

• 401(k) with company match

• Holiday pay

• Paid time off (inclusive of a volunteer day)

• Tuition Reimbursement upon approval

DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Therefore, employees assigned may be required to perform additional job tasks required by the manager.

We are proud to be an EOE Minorities/Females/Protected Veterans/Disabled employer. The Company’s status is a VEVRAA Federal Contractor. Request Priority Protected Veteran Referrals. We maintain a drug-free workplace and perform pre-employment substance abuse testing.