Information Systems Security Analyst (State Street Bank and Trust Company; Quincy, Massachusetts): Global Quality Solutions (GQS) Security Verification Center (SVC) Information Systems Security Analysts develop and execute exploratory and regression tests with a focus on GQS SVC's capabilities. The Information Systems Security Analyst is an established software development and/or QA professional that has experience and understanding of information security principles and continuing the development of information security knowledge and skills. The Information Security Analyst will develop and maintain manual and automated test scripts and work with developers to explain and demonstrate the defects they discover and provide corrective actions. Specifically, the Information Security analyst will enable application testers throughout GQS to incorporate GQS SVC's testing framework(s) by providing oversight, feedback on quality specifications through support and consultative services. The individual will create detailed, comprehensive, and well-structured test strategies and plans (including white and black box testing strategies) and test cases as well as estimate, prioritize, plan, and coordinate quality test activities. Specific Duties include: Creating application security testing and verification methodologies for automated and manual application build processes; creating application security testing/verification methodologies for automated and manual application build processes; assisting in the creation of in-flight application security validation with development teams using Agile and Waterfall life cycle models; developing and providing Security Verification training; deploying, integrating, and automating the use of Security testing tools along with Static and Dynamic Application Security Scanners; researching and recommending the use of Interactive Application Security Testing scan tools; maximizing developers' experiences using the Application Security Verification platform and techniques; and driving the onset of application security verification in Continuous Delivery pipelines. Domestic and international travel required up to 10%.
Minimum requirements are: Master's degree in Computer Science, Information Security, or a related technical field; and 3 years of experience in a financial services IT setting. Alternatively, will accept a Bachelor's degree in Computer Science, Information Security, or a related technical field; and 6 years of experience in a financial services IT setting.
Must have: Demonstrated knowledge of security domains including: security engineering, confidentiality/cryptography, communications and network security, secure software development, Identity and Access Management (IAM), application specific access control, security assessment and testing, and security operations; knowledge of IT Risk Management or Information Security; experience in software development or software quality assurance; knowledge of Waterfall and Agile Software Development Lifecycle (SDLC); experience in automating test cases using Micro Focus Unified Functional Testing; knowledge of testing and software defect tracking tools including Micro Focus Load Runner and Micro Focus Quality Center; and experience automating test cases and performing Micro Focus Unified Functional Testing. (Unless otherwise indicated, State Street is seeking the ability in the skills listed above with no specific amount of years of experience required. All experience can be gained concurrently.)
Apply online at statestreet.com/careers. State Street Job ID: R-619411 An EOE.
About State Street
State Street Corporation is a financial holding company, providing a full range of products and services for large pools of investment assets.