Application Security Analyst III

Job Description

The Application Security Analyst position exists to protect the security posture of the Paycom application through tasks such as web application penetration testing, code review, tool use, and other measures.

Additional tasks include work to develop or improve existing projects that contribute to application security, and user education.

RESPONSIBILITIES

• Perform and lead web penetration test assessments on company applications and APIs.
• Analyze and report on findings from penetration tests to leadership and Development.
• Perform code review of application source code for security vulnerabilities.
• Analyze and report on findings from code review to leadership and Development.
• Communicate with developers to explain security findings and suggested remediation.
• Communicate with developers to find solutions to meet business and security requirements.
• Research the security of 3rd party tools, software libraries, APIs, etc.
• Research and work with other departments, especially Development, to suggest security solutions in alignment with security best practices and business needs.
• Perform basic system administration tasks on servers or applications.
• Assist and train fellow team members on department projects.
• Work with various security scanning tools to assess the security posture of the Paycom application and report on findings.
• Contribute to the creation, maintenance, and improvement of documentation around security, policies, standards, guides, and procedures where applicable.
• Contribute to planning and developing the Application Security program.

Education / Certification :

Bachelor's degree in Management Information Systems, Computer Science or Cyber Security

Experience :

• 1+ years of experience in IT related field
• 5+ years of experience in Application Security or IT Security experience

PREFERRED QUALIFICATIONS

Education / Certification :

• Master's degree in Management Information Systems, Computer Science or Cyber Security
• Industry Certification (GWAPT, GCIH, etc.)

Skills / Abilities :

• Strong experience with the OWASP Top 10 vulnerabilities list; can demonstrate finding, exploiting, and potential remediation for items from the Top 10
• Experience implementing information security principles and practices.
• Experience with one or more programming / scripting languages : PHP, Python, C#, Java, C++, C, JavaScript, React
• Basic experience with the following technologies is highly recommended but not required : SQL (MySQL / MSSQL / Postgres), NoSQL, HTML, CSS
• Understanding of cluster / container technologies : Kubernetes, Docker, etc.
• Experience with the following operating systems is highly recommended but not required : Linux distributions (Ubuntu, Kali Linux, Debian, Red Hat), iOS (current versions), Android OS (current versions), macOS (current versions)
• Strong analytical and problem-solving skills
• Strong verbal and written communication skills

Paycom is an equal opportunity employer and prohibits discrimination and harassment of any kind. Paycom makes employment decisions on the basis of business needs, job requirements, individual qualifications and merit.

Paycom wants to have the best available people in every job. Therefore, Paycom does not permit its employees to harass, discriminate or retaliate against other employees or applicants because of race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, military and veteran status, age, physical or mental disability, genetic characteristic, reproductive health decisions, family or parental status or any other consideration made unlawful by applicable laws.

Equal employment opportunity will be extended to all persons in all aspects of the employer-employee relationship. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation benefits, and separation of employment.

The Human Resources Department has overall responsibility for this policy and maintains reporting and monitoring procedures.

Any questions or concerns should be referred to the Human Resources Department. To learn more about Paycom's affirmative action policy, equal employment opportunity, or to request an accommodation - Click on the link to find more information : paycom.com / careers / eeoc

BENEFITS : QUALIFICATIONS :