** 12 Month Contract ** Security Analyst ** Banking Client **

** 12 Month Contract ** Security Analyst ** Banking Client ** based in Belgium ** 12 month Contract **

Our prestigious Banking client is seeking a highly motivated individual with strong code review experience. You must be self-motivated and have the experience, personality, and passion to support developers and designers.

The mission of the SAST team within GSBR is to implement and operate a set of applications security controls through an automated process integrated through the Software Development Life Cycle/s (SDLC). We ensure that corporate policies and OWASP guidelines are uniformly applied by development teams across all business unit.

• Analyse source code using automated static analysis scanning to establish a baseline
• Correlate findings against the existing databases of known software vulnerabilities, to help identify security flaws during the development phase
• Increase the software development teams knowledge of secure coding procedures, so the organisation can build security with every release
• Provide developers with guidance to understand, prioritise and re-mediate vulnerabilities
• Enforce production scans with a Go-Live criteria: No OWASP Top 10 vulnerabilities
• Report on key metrics on all scanned applications

Technical Requirements and the main focus of the work will be in conducting operational activity, analysing source code findings and providing subject matter expertise to developers, using IBM Appscan Source.

Qualifications

Specific qualifications for the Security Analyst position include:

• At least 5 years of experience in IT industry
• Web application development background in .NET or Java
• Strong code review experience – Must be able to read source codes and detect bad coding practices
• Must be able to guide developers on how to resolve/fix security issues
• Strong security knowledge using IBM Appscan Source. or similar tools (Fortify, Veracode, etc)
• Familiar with OWASP, SANS, CWE initiatives
• Knowledgeable about how security vulnerabilities can be exploited in application code by attackers and what are the coding best practices to prevent these attacks
• Experience with end-to-end application software security processes including management and remediation of findings
• Experience with Software Development Life Cycle (SDLC)
• Experience using Microsoft Office suite including Word, Excel, Access, Etc.
• Experience using a Service Desk
• Agile knowledge
• Experience of leading or managing an application software security team would be an advantage.

Please contact Jason on Jstiles@welovesalt.com or 0207 928 2525

This job ad was posted by Salt. To find out more about Salt’s Privacy Policy and how your application is processed, please visit our website https://welovesalt.com/privacy-policy/.