Application Security Testing Analyst
Dorchester, MA

Job Description

Application Security Testing Analyst-1902625

Description

Position Summary:

As part of the SBNA Chief Information Security Office, the application security testing analysts will enforce secure development standards by working closely with business unit's project managers and software developers throughout the software development cycle process. Major activities, including but not limited to, performing security control reviews, conducting application security testing and communicating results with specific remediation and best practice guidance.

Responsibilities:

* Conduct automated dynamic application security testing using automated testing tools


* Performing assessment of Penetration testing results


* Review test results from tools


* Ensure that automated tests are completed successfully


* Identify and remove any false positives from automated testing tool reports


* Triage & Disposition results


* Provide application security consulting SME Support to developers


* Assist developers in understanding of security defects and risk


* Assist in defining an acceptable solution to fix defects


* Communicate, and document security risks, issues, and controls for security planning purposes with line of business liaisons Help maintain Security Coding Standards


* Stay up to date known security vulnerabilities


* Review malicious use cases/threat models



The position based in Dorchester, MA, and requires periodic travel to other US locations.

Qualifications

* Bachelor Degree in Computer Science or a related discipline or equivalent work experience


* 3-5 years of experience in security applications and systems


* Experience with application penetration testing


* Experience with manual penetration testing tools - they should have experience in one of the following: Burp Suite Pro or ZAP penetration


* Experience with automated penetration tools. They should have experience in one of the following: AppScan (IBM tool), Web Inspect(Client tool)


* Must be able to create reports explaining vulnerabilities and having demonstrated experience with communication of reports to various level of personnel within a large organization



At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Job:Information Security

Primary Location:Massachusetts-Dorchester-2 Morrissey Boulevard - 06367 - Columbia Park

Organization:Technology (5900)

Schedule:Full-time

Job Posting:Jun 6, 2019, 8:14:40 PM

AN EQUAL OPPORTUNITY EMPLOYER M/F/Vet/Disabled/SO