Position Summary:
The Information Security, Application and System Testing Analyst will be responsible for maintaining a fully mature enterprise-wide IT Application and System Security Testing program.  This role is challenged with the responsibility of identifying and safeguarding applications, systems, and emerging technologies while applying information security best practices.  In addition, this role will be responsible for enhancing a robust cyber security Software Development Lifecycle (SDLC).  This position will also have operational responsibility in the disciplines of:  vulnerability management; incident response; malware analysis; audit and compliance schedules; security best practices to large database and high-transaction software systems in the Telecommunications space; advancing the program development of key risk and performance indicators with documented metrics.

Some essential functions of the role include, but are not limited to the following:
- Work with sensitive and confidential information while maintaining the highest level of confidentiality, professionalism, and ethics
- Maintain documented procedures and follow industry best practices for conducting application, system, and malware testing
- Contribute to helping others learn industry security tradecraft
- Perform application and system vulnerability assessments across the enterprise
- Monitor overall IT Security Operations effectiveness
- Assist with incident response and potential breach activities, on a 24x7 schedule, if necessary
- Perform code reviews across a variety of programming languages and business units
- Performing assessments of System Development Life Cycle (SDLC) processes
- Developing test scripts and procedures to support the program’s tactical and strategic initiatives
- Other security-related projects that may be assigned according to skills

Required Qualifications:
Candidates for this role must have direct experience with the following:
- Minimum of 2+ years work experience in application security
- Minimum education requirement of B.S. degree in Computer Science or equivalent work experience
-Strong ethics and understanding of ethics in business and information security
- Experience performing code reviews
- Experience in or strong understanding of software development / writing coding
- Experience remediating vulnerabilities with business partners
- Knowledge of OWASP tools and methodologies
- Understanding of Java, C# and other web programming languages
- Understanding of scripting languages such as: Python, Go, AngularJS
- Knowledge of secure system configurations for both Windows and Linux platforms
- Knowledge of how to secure and configure Webserver Technologies such as Apache, IIS, Tomcat etc.
- Ability to complete tasks and deliver professionally written and oral reports to clients at all levels of the organization
- Possess current security certifications (e.g., CSSLP, CASS, OSWE)
- Participate and contribute to enterprise security breach response activities; 24x7 schedule, if necessary
- Collaborate with both internal and external partners to develop and update Security Operations standards, procedures, guidelines, and best practices
- Developing and reporting of key information, metrics, security performance, and driving enterprise processes
- Excellent communication, collaboration, and strong project management skills
- The ability to obtain a government clearance

Additional Skills:
- Experience working with malware and applying reverse engineering techniques
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, Burp Suite Pro, amongst others)
- Experience with creating scripts (e.g., PowerShell, Pearl, Python, Go)
- Experience with application and system analysis tools (e.g., HP Fortify, Checkmarx, BlackDuck)
- Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
- Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
- Understanding of container and automation technologies such as Jenkins, Puppet, Chef, Docker, Kubernetes etc.

View full description Apply Bridgewater, NJ Security 2419 Location - Bridgewater, NJ

About iconectiv
At iconectiv, we envision a world without boundaries, where the ability to access and exchange information is simple, secure and seamless. As the authoritative partner of the communications industry for more than 30 years, our market-leading solutions enable the interconnection of networks, devices, and applications for more than one billion people every day. Working closely with private, government and non-governmental organizations, iconectiv has intimate knowledge of the intricacies and complexities of creating, operating, and securing the telecommunications infrastructure for service providers, regulators, enterprises and content providers. iconectiv provides network and operations management, numbering, registry, fraud and revenue assurance and messaging solutions to more than 1,000 customers globally.

As the world continues to change in ways we cannot even begin to imagine, we know that one thing will never change -- the need to stay connected. The world of tomorrow is counting on us, and we are delivering.

A US-based company, Telcordia Technologies, Inc., doing business as iconectiv. For more information, visit www.iconectiv.com.

Responsibilities:
The Information Security, Application and System Testing Analyst will be responsible for maintaining a fully mature enterprise-wide IT Application and System Security Testing program. This role is challenged with the responsibility of identifying and safeguarding applications, systems, and emerging technologies while applying information security best practices. In addition, this role will be responsible for enhancing a robust cyber security Software Development Lifecycle (SDLC). This position will also have operational responsibility in the disciplines of: vulnerability management; incident response; malware analysis; audit and compliance schedules; security best practices to large database and high-transaction software systems in the Telecommunications space; advancing the program development of key risk and performance indicators with documented metrics.
Some essential functions of the role include, but are not limited to the following:
Work with sensitive and confidential information while maintaining the highest level of confidentiality, professionalism, and ethics
Maintain documented procedures and follow industry best practices for conducting application, system, and malware testing
Contribute to helping others learn industry security tradecraft
Perform application and system vulnerability assessments across the enterprise
Monitor overall IT Security Operations effectiveness
Assist with incident response and potential breach activities, on a 24x7 schedule, if necessary
Perform code reviews across a variety of programming languages and business units
Performing assessments of System Development Life Cycle (SDLC) processes
Developing test scripts and procedures to support the program’s tactical and strategic initiatives
Other security-related projects that may be assigned according to skills

Required Qualifications:
Candidates for this role must have direct experience with the following:
Minimum of 2+ years work experience in application security
Minimum education requirement of B.S. degree in Computer Science or equivalent work experience
Strong ethics and understanding of ethics in business and information security
Experience performing code reviews
Experience in or strong understanding of software development / writing coding
Experience remediating vulnerabilities with business partners
Knowledge of OWASP tools and methodologies
Understanding of Java, C# and other web programming languages
Understanding of scripting languages such as: Python, Go, AngularJS
Knowledge of secure system configurations for both Windows and Linux platforms
Knowledge of how to secure and configure Webserver Technologies such as Apache, IIS, Tomcat etc.
Ability to complete tasks and deliver professionally written and oral reports to clients at all levels of the organization
Possess current security certifications (e.g., CSSLP, CASS, OSWE)
Participate and contribute to enterprise security breach response activities; 24x7 schedule, if necessary
Collaborate with both internal and external partners to develop and update Security Operations standards, procedures, guidelines, and best practices
Developing and reporting of key information, metrics, security performance, and driving enterprise processes
Excellent communication, collaboration, and strong project management skills
The ability to obtain a government clearance

Additional Skills:
Experience working with malware and applying reverse engineering techniques
Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP WebInspect, Acunetix, Burp Suite Pro, amongst others)
Experience with creating scripts (e.g., PowerShell, Pearl, Python, Go)
Experience with application and system analysis tools (e.g., HP Fortify, Checkmarx, BlackDuck)
Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
Understanding of container and automation technologies such as Jenkins, Puppet, Chef, Docker, Kubernetes etc.

Relocation Benefits: This position is not eligible for relocation assistance.

Full Time Employee benefits:
Health care benefits
401(k) with company match
Holiday pay
Paid time off (inclusive of a volunteer day)
Tuition Reimbursement upon approval
On-site Gym

DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Therefore, employees assigned may be required to perform additional job tasks required by the manager.

We are proud to be an EOE Minorities/Females/Protected Veterans/Disabled employer. The Company’s status is a VEVRAA Federal Contractor. Request Priority Protected Veteran Referrals. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
10108