Application Security Analyst

Application Security Analyst

Posted Today by 1752211983

Apply
£500 Per day
Outside
Hybrid
City of London, London
Apply
Amazon Web Services (AWS) Application Programming Interface (API) Application Security Authentications Authorisation (Computing) Business Logic Cloud Computing Cloud Technology Information Systems Security Internal Controls JIRA Management Microsoft 365 Microsoft Teams OAuth OpenID Open Web Application Security Project (OWASP) Project Management Project Management Office (PMO) Stakeholder Engagement Stakeholder Management Web Applications Web Application Security

Summary: The Application Security Analyst role is a contract position for an initial three months, based in London with a hybrid working arrangement. The analyst will be part of the IT Department's Project Management Office, focusing on supporting the Security Application Compliance programme. Key responsibilities include performing system application assessments and collaborating with IT teams to implement corrective actions based on identified deficiencies.

Key Responsibilities:

  • Perform system application assessments in alignment with established application security controls
  • Communicate and report deficiency findings to management
  • Assist IT teams in implementing corrective actions based on identified deficiencies
  • Ensure effective business changes are introduced as a result of deficiency findings
  • Monitor and follow up on assessment recommendations to ensure timely implementation and resolution with the appropriate IT stakeholders
  • Work with the PM, internal controls colleagues, IT Managers, and InfoSec to improve internal control

Key Skills:

  • Deep understanding of Web Application Security (e.g., OWASP Top 10 & beyond, such as business logic flaws, access control bypasses)
  • Understanding of secure development practices
  • Static & Dynamic Analysis (e.g., DAST)
  • Experience in Authentication & Authorization (e.g., modern-day protocols like OAuth, OpenID, and experience in analysing access control and session management)
  • Understanding of Cloud & API security; Cloud platforms (Azure, AWS) & their security implications
  • Experience with Jira & Confluence
  • Experience with Monday.com
  • Experience with Microsoft Teams (including shared folder management on Teams)
  • Previous experience managing projects/workstreams independently
  • Proven ability to gather information across multiple sources and reconcile it into a comprehensible format for further use by other teams involved with the delivery of the programme
  • Excellent stakeholder engagement & management skills
  • Ability to work in a fast-paced environment and manage multiple priorities across different projects
  • Attention to detail
  • Clear communication; must be able to explain findings to both technical & non-technical stakeholders
  • Analytical thinking: Ability to understand complex systems and identify weak points
  • Report writing & presentation; delivers clear, actionable security assessment reports with prioritised remediations

Salary (Rate): £500 daily

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

City of London, London

Application Security Analyst

Contract / Up to £500 per day

Application Security Analyst, 3 months, London/Hybrid, £500/day (Outside IR35)

My client, a leading TV production company are currently looking to bring on an Application Security Analyst for an initial 3 month contract. This role is part of the Project Management Office in the IT Department and will support the Security Application Compliance programme.

Key Responsibilities:

  • Perform system application assessments in alignment with established application security controls
  • Communicate and reporting deficiency findings to management
  • Assist IT teams in implementing corrective actions based on identified deficiencies
  • Ensure effective business changes are introduced as a result of deficiency findings.
  • Monitor and follow up on assessment recommendations to ensure timely implementation and resolution with the appropriate IT stakeholders
  • Working with the PM, internal controls colleagues, IT Managers, InfoSec, to improve internal control

Desirable Skills and Experience:

Technical Skills

  • Deep understanding of Web Application Security (e.g., OWASP Top 10 & beyond OWASP, such as business logic flaws, access control bypasses)
  • Understanding of secure development practices
  • Static & Dynamic Analysis (e.g., DAST)
  • Experience in Authentication & Authorization (e.g., modern-day protocols like OAuth, OpenID, and experience in analysing access control and session management)
  • Understanding of Cloud & API security; Cloud platforms (Azure, AWS) & their security implications
  • Experience with Jira & Confluence
  • Experience with Monday.com
  • Experience with Microsoft Teams (including shared folder management on Teams)

Soft Skills

  • Previous experience managing projects/workstreams independently
  • Proven ability to gather information across multiple sources and reconcile it into a comprehensible format for further use by other teams involved with the delivery of the programme (i.e., dev/tech teams, etc.)
  • Excellent stakeholder engagement & management skills (i.e., workshops, interviews, questionnaires, product demos, etc.)
  • Ability to work in a fast-paced environment and manage multiple priorities across different projects
  • Attention to detail (as small oversights in security can be critical)
  • Clear communication; must be able to explain findings to both technical & non-technical stakeholders
  • Analytical thinking: Ability to understand complex systems and identify weak points
  • Report writing & presentation; delivers clear, actionable security assessment reports with prioritised remediations

Apply
Similar Jobs
Loading data...