Share Email Opening

Application Security Analyst 

Category Security  

Position Description

We are searching for a detail oriented Application Security Analyst to join our Security Compliance department.  Reporting to the Senior Director of Security Compliance, the ideal candidate will have an established work history in the field of information security with a focus on web application security methods.

Essential Job Functions

  • Work with developers to refine security checkpoints in the SDLC that are based on the PCI Data Security Standard and other industry-accepted doctrine such as NIST SP 800-115 and/or ISO security standards.
  • Develop secure coding standards that are based on industry-accepted best practices such as OWASP Guide, SANS CWE Top 25, or CERT Secure Coding to address common coding vulnerabilities.
  • Use automated tools to perform source code security analyses to identify vulnerabilities and attack vectors in web applications.
  • Work with information security analysts to refine web application penetration testing methods and breadth of security services.
  • Obtain and review all required artifacts as part of go, no go analyses at security checkpoint phases in the development cycle.
  • Assist with periodic security risk assessments, IT security audits, and management reporting.
  • Review and coordinate changes to information security policies, procedures, standards, and audit work programs in a continuous improvement model.
Position Requirements

Preferred Knowledge, Skills, and Abilities

  • Established work history as an information security practitioner.
  • Work experience with the PCI Data Security Standard with a focus on web application security methods.
  • Security risk assessment and systems security audit work experience is highly desired.
  • Experience working with common application security tools such as Fortify or BurpSuite is a plus.
  • Excellent verbal and written communication skills.
  • Ability to lift and move items weighing up to 50lbs without assistance.
  • Self-starter with the ability to perform tasks as an individual contributor or as a project lead.

Education and Experience

  • Higher education in information security or computer science is desired, but can be substituted with a broader background in information security disciplines.
  • Related certifications from the PCI, ISC2, ISACA, or GIAC organizations are a plus.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all duties, responsibilities, and skills.

Shift Days  
Salary Range Commensurate with education, experience, and qualifications  
Reports to Senior Director of Security Compliance  
Full-Time/Part-Time Full-Time  
Exempt/Non-Exempt Exempt  
Open Date 8/15/2018  
Location Shift4 Corporation - HQ (Las Vegas, NV)  
EOE Statement Shift4 is an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.  

This position is currently not accepting applications.

To search for an open position, please go to

Follow us See who works here:

AppOne.comTM 1999-2017 HR Services, Inc.
Click here for technical assistance.