Application Security Analyst

Remote - Ann Arbor, MI

The Application Security Analyst partners with development and deployment teams, Product Marketing Managers, and Product Engineers throughout the entire SDLC to ensure MiHIN products are designed, developed, and deployed in a secure manner. The Application Security Analyst also works closely with Security Operations to design security and privacy monitoring requirements.

What you will do: 

  • Partner with agile squad to design secure application architectures.
  • Facilitate application security architecture reviews and threat modeling.
  • Create and execute dynamic testing plans, collaborating closely with development and deployment team members on remediation.
  • Support application security vulnerability program.
  • Design and implement automated security testing to validate adherence to secure coding best practices.  Collaborate closely with development team members on remediation.
  • Design and document security logging and monitoring requirements.
  • Recommend enhancements to application security processes.
  • Other duties as assigned. 

What you bring: 

  • BA/BS in IS discipline or equivalent applicable experience
  • Strong technical aptitude with 5+ years of hands-on Application Security or Application Development experience
  • Strong scripting skills (Python, BASH)
  • Understanding of RESTful and SOAP API communication
  • Experience with OWASP and Dynamic and Static testing tools (SonarCloud, Burp Suite Pro, Backtrack, Qualys, Nessus, Metasploit, Kali, tcpdump, wireshark, nmap, etc.)
  • Experience creating reports detailing test results
  • Demonstrated knowledge in securing AWS serverless architectures and secure coding practices
  • Experience providing security services in an agile development framework
  • Demonstrated understanding of HIE operations and applicable security and privacy legislation.
  • Knowledge of core internet and networking protocols (DNS, DHCP, TCP/IP, ARP, HTTP, HTTP/S, SSH), IP communication, OSI layers, packet structure and troubleshooting
  • Encourages and participates in knowledge sharing with other team members

Other Knowledge, Skills & Abilities:

  • Strategic thinker balanced with a grasp of details.
  • Excellent verbal and written communication with an ability to articulate complex topics in a clear and concise manner
  • Service-oriented with demonstrated diplomacy and collaboration skills.
  • Self-motivated with excellent analytical and organizational skills.
  • Ability to think like an attacker and a detailed understanding of defensive and offensive security.
  • Advanced critical thinking and problem-solving skills with a proven ability to quickly analyze large amounts of data and making sound decisions.
  • Strong focus on execution and delivery with ability to make recommendations