The Application Security Analyst will provide Engineering Services for all Business Unit (BU) and Service Provider activities encompassing application security to ensure a consistent state is maintained across the enterprise. Work closely with BU and Service Provider representatives providing engineering services and proactive support. Engineering and documenting application security services involving complex designs. Engage in Incident Response activities as needed. Create and maintain technical and operational documentation of in scope security systems. Create new inventory items for in scope security infrastructure as they are being built.
The ideal candidate for this job will have courses and/or relevant work experience in some or all of the following skills:
Ensuring ongoing security of multichannel operations covering ecommerce, mobile, and customer relations
- Helping to embed security in the development and operational lifecycle, and showing continued security value by presenting risk from the customer and business perspective
- Ensuring teams have what they need to deliver secure code and applications including the skills, tools, and training
- Static and dynamic security testing including code scanning, hands on targeted assessments and ethical hacking
- Ownership of security toolsets for the discovery and investigation of potential vulnerabilities and activity monitoring
- Reviewing and advising on application architecture and designs
- Networking with industry peers on general and targeted threat intelligence
- Acting as security evangelist and ‘mentor’ to the business and development teams
- Identifying and pursuing opportunities for continuous improvement
- Helping to maintain PCI DSS and other regulatory compliance
The ideal candidate will have:
- Strong understanding of application security awareness, including the security of web application
- Demonstrable Java, Python or C# programming ability with an in-depth understanding of underpinning techniques
- Experience in the full Software Development life-cycle from design to deployment
- Understanding of databases
- Knowledge of Agile methodologies
- Proven ability to tackle challenging projects
- Excellent skills in penetration testing of web applications as well
- Experience working with external pen testers and/or acting as a primary contact for their testing
- Solid and demonstrable comprehension of cyber and information security including secure coding, security in the SDLC, hacking techniques and the evolving threat landscape
- Experience or working knowledge of a variety of SAST and DAST security tools
- Experience with web application firewalls
- Working knowledge of infrastructure security scanning software
- Working knowledge of secure development practices such as OWASP and BSIMM
- Technical mind-set with an aptitude for analysis and investigation
- Keeps up to date with industry trends, new threats and changes in the security landscape
- Able to analyze technical data to decipher, prioritize and act upon findings
- Knowledge of software security standards such as the BSIMM
- Knowledge of current information security standards and regulations such as PCI DSS, ISO27000 series, and GDPR
- The capability to control impulse, handle stress, suspend judgement, and think before acting.
- Have a naturally friendly disposition, an upbeat personality, and the ability to engage others in conversation.
- Be flexible and adaptable.
- Can communicate clearly and succinctly in both written and verbal communications.
- Familiarity and passion for the products and services highlighted in the previous section.
- Problem-solving and troubleshooting skills.
- Accuracy & Attention to Detail.
- Analytical Skills.
- Judgement and Decision-Making Skills.
- Presentation Skills.
Posting Date: 11-August-2022
Closing Date: 26-August-2022
FedEx was built on a philosophy that puts people first, one we take seriously. We are an equal opportunity employer and we are committed to a diverse and inclusive workforce in which we provide growth opportunities for all
FedEx Express is one of the world’s largest express transportation companies and has consistently been selected as one of the top 10 World’s Most Admired Companies by “Fortune” magazine. Every day FedEx delivers for its customers with transportation and business solutions, serving more than 220 countries and territories around the globe. We can serve this global network due to our outstanding team of FedEx team members, who are tasked with making every FedEx experience outstanding.
The People-Service-Profit philosophy (P-S-P) describes the principles that govern every FedEx decision, policy or activity. FedEx takes care of our people; they, in turn, deliver the impeccable service demanded by our customers, who reward us with the profitability necessary to secure our future. The essential element in making the People-Service-Profit philosophy such a positive force for the company is where we close the circle, and return these profits back into the business, and invest back in our people. Our success in the industry is attributed to our people. Through our P-S-P philosophy, we have a work environment that encourages team members to be innovative in delivering the highest possible quality of service to our customers. We care for their well-being, and value their contributions to the company.
Our culture is important for many reasons, and we intentionally bring it to life through our behaviors, actions and activities in every part of the world. The FedEx culture and values have been a cornerstone of our success and growth since we began in the early 1970’s. While other companies can copy our systems, infrastructure and processes, our culture makes us unique and is often a differentiating factor as we compete and grow in today’s global marketplace.