Job Description and Requirements

Randolph-Brooks Federal Credit Union is currently searching for an experienced and talented Application Security Analyst II to join our amazing IT Security team! 

The Application Security Analyst II will have the ability to work a hybrid schedule (remote/onsite) after a period of training (time frame may vary). Training will take place at the RBFCU Administrative Service Center: 1 Ikea-RBFCU Pkwy, Live Oak, Texas 78233. All applicants must reside within the state of Texas and have the capability of performing all of the work from their home in Texas.

To successfully work from home, employees must have access to a minimum internet connection as noted by RBFCU.

• Must have a reliable home internet provider and the ability to hard wire a connection directly to modem (Ethernet cable provided)

• Must be able to provide a workspaces at home that is safe, suitable for work, and within a distraction free environment

The Application Security Analyst II will support operational procedures (communication, coordination and tracking) of Application Security Vulnerabilities. This includes but is not limited to running Application Security Scans (SAST, DAST, etc.). Discover security gaps and vulnerabilities through security consultations, code reviews and assessments.

Essential Functions and Responsibilities:

• Support operational procedures (communication, coordination and tracking) of Application Security Vulnerabilities. This includes but is not limited to running Application Security Scans (SAST, DAST, etc.)

• Assist with discovering security gaps and vulnerabilities through security consultations, code reviews and assessments

• Assist with defining and following a security review process to ensure an automated and repeatable process is managed

• Participate in leading and defining Application Security best practices

• Staying up-to-date on security trends related to threats, and vulnerabilities

• Support Application Development teams with results from scans through reviewing findings with Application Teams and document and tracking security findings through remediation

• Support software security assurance process stakeholders during the different phases of the project

• All other duties as assigned (note: essential functions and responsibilities may change or new ones may be assigned at any time with or without notice)

Requirements:

• High School Diploma or GED. Associates Degree in Information Technology preferred

• Minimum of one year of technical information security experience performing tasks as described in the job description and/or three years hands on application code review

• Previous experience in a Security Analyst role

• Demonstrated Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies such as (Secure Software development, Application Security, data protection, cryptography, key management, and identity access management

• Familiarity with deployment orchestration, automation, and security configuration management

• Experience with enterprise applications (architecture, development, support, and troubleshooting)

• Ability to perform threat modeling and design reviews to assess security implications and requirements for introduction of new technologies

• Application development experience in designing and implementing software systems, building mission-critical and highly reliable software

• Application development background in Java/.Net or similar with excellent understanding in mitigating OWASP Top 10 attacks

Skills and/or Certifications and Licensing: 

• Prefer relevant security certifications such as CompTIA Security+, CompTIA Linux+ or vendor related certifications

• Understanding of secure coding practices and secure code reviews used to identify, mitigate, and prevent threat vectors

• Understanding of vulnerability management lifecycle and process

• Understanding of security architecture and tools which can be leveraged for Application Security mitigation

• Experience in a collaborative team environment applying security principles to the development of applications

• Excellent written and verbal communication skills

• Strong analytical mind and problem solving skills  

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.