Application Security Integration AnalystEngineer

Application Security Integration Analyst/Engineer

Location: Raleigh NC (Hybrid)

Duration: 1 year (Renewable

Experience: Minimum 5 years (More experience is acceptable for this analyst role)

What We Do

We are the Application Security team within an Information Security organization driving the adoption of secure architectures and processes. We contribute to the security and data protection needs of an enterprise that is continually evolving its business models.

What You Do

You will play a role in assisting groups to securely develop and operate their applications and platforms by aligning to industry standard methodologies compliance and privacy requirements using Secure Development Lifecycle and industry framework and methodologies.

Perform risk identification impact analysis and then assist application teams develop security readiness plans with measurable objectives.

Assist application teams in meeting their adoption goals using security controls processes and objectives helping them with adoption of automated and manual security validations.

Security reviews of new and existing data integrations and update data flow description document.

Provide security expertise to lead application teams to create and/or update existing threat models for their services.

Provide security consultation for all aspects of application security compliance risk management and remediation.

Drive effectiveness and efficiency into improving various security processes and procedures.

This is a dynamic role and an excellent opportunity to move into cybersecurity field from an adjacent field and join a worldclass security organization.

What You Have

Relevant experience and/or training in various areas including cybersecurity software development compliance and risk management or security operations analysis.

Foundation in various security domains and technologies such as web security cloud security identity/access management web application firewalls (WAF) intrusion detection/prevention (IDS/IPS) static/dynamic application security testing (SAST/DAST) and software composition analysis (SCA).

Knowledge of modern SSO authentication methods: SAML OIDC OAuth etc.

Understand web application ntier architectures public cloud computing and deployment models and secure coding controls as detailed by organizations like OWASP and SANS.

Familiarity with and ability to understand business objectives business context and security risk. Cisco Confidential

Ability to stay current on security issues that are present within the industry.

Possess outofthebox thinking analytical reasoning and creative problemsolving skills.

Act decisively are hardworking highly motivated and eager to significantly impact Cisco and make it more secure! Minimum/Preferred Qualifications

5 years of combined professional experience in information technology including relevant graduate studies.

Working knowledge of IaaS cloud service providers (AWS/GCP/Azure) and deployment models.

Additional technical training or cybersecurity related certifications including but not limited to ISC2 or SANS GIAC is preferred.