• Snapboard
  • Activity
  • Reports
  • Campaign
Welcome ,

Chat with the recruiter

...Minimize

Hey I'm Online! Leave me a message.
Let me know if you have any questions.

Cyber Security Authentication Risk Assessor - Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)

In United States

Save this job

Cyber Security Authentication Risk Assessor - Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)   

Click on the below icons to share this job to Linkedin, Twitter!

JOB TITLE:

Cyber Security Authentication Risk Assessor - Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)

JOB TYPE:

JOB SKILLS:

JOB LOCATION:

Atlanta, GA | Chicago, IL | Denver, CO | Jacksonville, FL | Washington, DC United States

JOB DESCRIPTION:

Are you passionate about working with the best information security team in the world?  Client is hiring top talent to join our innovative and forward thinking team.

 

What We Do:

At Client, we handle the finances of over 67 million client relationships every day, including helping them save, borrow, and invest for today and for their future. We stand by our clients each and every day giving them the power to realize their personal financial goals and help make their financial lives better. 

 

The Global Information Security organization is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The team:

  • Develops the bank's Information security strategy and policy
  • Manages the Information security program and identifies and addresses vulnerabilities
  • Develops, deploys and manages a risk-based controls portfolio
  • Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents

 

What We're Looking For:

We're looking for the next generation of Cyber security experts – those with a passion for growing a long-term career, building relationships and working with a team of innovative and forward thinking information security professionals. Our cyber team is meant for those looking to make a real impact and build a career in information security. The role is ideal for those who have a passion to work with industry leaders to protect our brand and the customer/client experience by proactively detecting, disrupting, and mitigating cyber security across the organization.

 

What You'll Get:

From day one, you'll receive training including hands-on practice, personalized coaching and dedicated support throughout your on-boarding experience. With demonstrated success, you'll have the opportunity to advance into many different roles with Global Information Security – with unlimited opportunity to grow throughout your career. You will be supported with dedicated programs, tools, and resources throughout your career journey.

 

We'll help you:

•Build a successful career at Client through world-class training and on-boarding programs that set you up for success

•Grow in your current role through one-on-one coaching from managers who are invested in your success and training programs that help you excel, build new skills or take on additional responsibility

•Continuously learn and advance your career goals through intentional career paths to the next best role

•Use resources and innovative technologies to optimize the client experience

•Expand your business knowledge and network by partnering with experts in Global Information Security, Global Technology and other lines of business

•Become an expert in what you do

 

What you can look forward to:

•Ongoing professional development to deepen your skills and optimize your expertise as the industry evolves and changes

•Resources and dedicated support to help you reach your full potential throughout your career

•A benefits program designed to meet the diverse needs of our employees at every stage of their life and help them plan for tomorrow

•Progressive workplace practices and initiatives that promote inclusion

 

We're a culture that:

•Believes in responsible growth and has a proven dedication to supporting the communities we serve.

•Provides continuous training and developmental opportunities to help people achieve their goals, whatever their background or experience.

•Believes diversity makes us stronger, so we can reflect, connect to and meet the diverse needs of our clients and customers around the world.

•Is committed to advancing our tools, technology, and ways of working. We always put our clients first to meet their evolving needs.

 

Role Description:

The Authentication Risk Assessor performs research, analysis, and testing of authentication applications leveraging industry standard baselines to identify potential vulnerabilities that could be exploited by a threat actor. The assessor clearly documents their findings and sometimes assist the Line of Businesses with questions regarding these findings and associated remediation efforts. 

 

The successful candidate will have a strong application security assessment background and be familiar with the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS). Experience with access management is not required but is a plus. The candidate will typically have 5+ years of information security and/or secure application development experience. Previous experience working in the financial services is preferred but not required.

 

Responsibilities include: 
• Documenting how control objectives are met
• Identifying, explaining, and documenting gaps in control objectives
• Raising gaps to the Platform Assessor Lead/Execution Coordination Manager 
• Compiling the status of all identified gaps at the assessment's conclusion
• Remediation tracking/review of identified gaps 
• Communicating with CSA leaders on progress updates

Required Skills:

 

** Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)


• Significant experience and detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks, single sign-on technologies; exploit automation platforms; RESTful web services

• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms
• Knowledge of Structured Query Language
• Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds
• BS/MS in Computer Science (or relevant work experience in a large scale IT environment)
• Knowledge of network and Web related protocols/technologies
• Experience as a developer
• Knowledge of a Structured Query Language

 

Enterprise Job Description: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Position Details

POSTED:

Jan 17, 2023

EMPLOYMENT:

INDUSTRY:

SNAPRECRUIT ID:

S166199050456611151

LOCATION:

United States

CITY:

Atlanta, GA | Chicago, IL | Denver, CO | Jacksonville, FL | Washington, DC

Job Origin:

OORWIN_ORGANIC_FEED

A job sourcing event
In Dallas Fort Worth
Aug 19, 2017 9am-6pm
All job seekers welcome!

Cyber Security Authentication Risk Assessor - Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)    Apply

Click on the below icons to share this job to Linkedin, Twitter!

<div> <p><b><span>Are you passionate about working with the best information security team in the world? </span> <span>Client is hiring top talent to join our innovative and forward thinking team.</span></b></p> <p> </p> <p><b>What We Do:</b></p> <p>At Client, we handle the finances of over 67 million client relationships every day, including helping them save, borrow, and invest for today and for their future. We stand by our clients each and every day giving them the power to realize their personal financial goals and help make their financial lives better. </p> <p> </p> <p>The Global Information Security organization is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The team:</p> <ul> <li>Develops the bank's Information security strategy and policy</li> <li>Manages the Information security program and identifies and addresses vulnerabilities</li> <li>Develops, deploys and manages a risk-based controls portfolio</li> <li>Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents</li> </ul> <p> </p> <p><b>What We're Looking For:</b></p> <p>We're looking for the next generation of Cyber security experts – those with a passion for growing a long-term career, building relationships and working with a team of <span>innovative and forward thinking</span> information security professionals. Our cyber team is meant for those looking to make a real impact and build a career in information security. The role is ideal for those who have a passion to work with industry leaders to protect our brand and the customer/client experience by proactively detecting, disrupting, and mitigating cyber security across the organization.</p> <p> </p> <p><b>What You'll Get:</b></p> <p>From day one, you'll receive training including hands-on practice, personalized coaching and dedicated support throughout your on-boarding experience. With demonstrated success, you'll have the opportunity to advance into many different roles with Global Information Security – with unlimited opportunity to grow throughout your career. You will be supported with dedicated programs, tools, and resources throughout your career journey.</p> <p> </p> <p><b>We'll help you:</b></p> <p>•Build a successful career at Client through world-class training and on-boarding programs that set you up for success</p> <p>•Grow in your current role through one-on-one coaching from managers who are invested in your success and training programs that help you excel, build new skills or take on additional responsibility</p> <p>•Continuously learn and advance your career goals through intentional career paths to the next best role</p> <p>•Use resources and innovative technologies to optimize the client experience</p> <p>•Expand your business knowledge and network by partnering with experts in Global Information Security, Global Technology and other lines of business</p> <p>•Become an expert in what you do</p> <p> </p> <p><b>What you can look forward to:</b></p> <p>•Ongoing professional development to deepen your skills and optimize your expertise as the industry evolves and changes</p> <p>•Resources and dedicated support to help you reach your full potential throughout your career</p> <p>•A benefits program designed to meet the diverse needs of our employees at every stage of their life and help them plan for tomorrow</p> <p>•Progressive workplace practices and initiatives that promote inclusion</p> <p> </p> <p><b>We're a culture that:</b></p> <p>•Believes in responsible growth and has a proven dedication to supporting the communities we serve.</p> <p>•Provides continuous training and developmental opportunities to help people achieve their goals, whatever their background or experience.</p> <p>•Believes diversity makes us stronger, so we can reflect, connect to and meet the diverse needs of our clients and customers around the world.</p> <p>•Is committed to advancing our tools, technology, and ways of working. We always put our clients first to meet their evolving needs.</p> <p> </p> <p><b>Role Description: </b></p> <p>The Authentication Risk Assessor performs research, analysis, and testing of authentication applications leveraging industry standard baselines to identify potential vulnerabilities that could be exploited by a threat actor. The assessor clearly documents their findings and sometimes assist the Line of Businesses with questions regarding these findings and associated remediation efforts. </p> <p> </p> <p>The successful candidate will have a strong application security assessment background and be familiar with the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS). Experience with access management is not required but is a plus. The candidate will typically have 5+ years of information security and/or secure application development experience. Previous experience working in the financial services is preferred but not required.</p> <p> </p> <p>Responsibilities include: <br /> • Documenting how control objectives are met <br /> • Identifying, explaining, and documenting gaps in control objectives<br /> • Raising gaps to the Platform Assessor Lead/Execution Coordination Manager <br /> • Compiling the status of all identified gaps at the assessment's conclusion<br /> • Remediation tracking/review of identified gaps <br /> • Communicating with CSA leaders on progress updates<br /> <br /> <b>Required Skills:</b></p> <p> </p> <p><b>** Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS)</b></p> <p><br /> • Significant experience and detailed technical knowledge in at least 3 of the following areas: general information security; security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks, single sign-on technologies; exploit automation platforms; RESTful web services</p> <p>• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms<br /> • Knowledge of Structured Query Language<br /> • Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds<br /> • BS/MS in Computer Science (or relevant work experience in a large scale IT environment)<br /> • Knowledge of network and Web related protocols/technologies<br /> • Experience as a developer<br /> • Knowledge of a Structured Query Language</p> <p> </p> <p>Enterprise Job Description: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.</p> </div>


Please wait..!!