Job Description
Role Summary/Purpose:
AVP, Application Security Dynamic Analyst will be responsible for the development and implementation of effective security controls pertaining to information systems. A significant part of this role’s focus is to ensure successful execution of Dynamic Application Security Testing (DAST) and web application security assessments on custom-coded applications, review security findings with application teams, and support remediation tracking.
We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.
Essential Responsibilities
- Execute DAST and web application security assessments for custom-developed internal and external-facing applications including web applications, web services, and APIs, utilizing enterprise DAST platforms and tooling
- Partner with developers to perform False Positive Analysis and audit/triage of findings to ensure true positives are identified and addressed
- Validate remediation of DAST and web application security assessment findings
- Configure, analyze, and troubleshoot DAST scans, scanner traffic/logs, and ensure high fidelity results for successful execution of DAST scans
- Consistently enforce application security requirements as defined in applicable Standards, Procedures, and Job Aids, identifying and escalating instances of non-compliance
- Operate in an Agile development environment, understanding tools, concepts, and methodologies
- Contribute towards maturing application security processes, standards, and guidelines
- Create and enhance internal documentation, e.g. job aids and run books
- Support the collection of data and documentation in support of examinations/audits
- Perform other duties and/or special projects as assigned.
Qualifications/Requirements
- Bachelor’s degree and a minimum of 3 years of work experience in IT OR, in lieu of a degree, a High School Diploma/GED and a minimum of 5 years of work experience
- In-depth knowledge and experience in Dynamic Application Security Testing (DAST) and manual web application assessments
- Knowledge and understanding of common security vulnerabilities and weaknesses, including OWASP Top 10
- Hands-on experience with any of the following application security assessment tools: Micro Focus WebInspect and WebInspect Enterprise, Burp Suite Professional, or other commonly used DAST enterprise tools
Desired Characteristics
- Industry certifications such as CISSP, CSSLP, Security+, or C|EH are a plus
- 3 or more years with Secure coding practices/System Integration
- Financial services industry experience
- Excellent written and verbal communication skills along with the proven ability to present complex, technical information to both technical and non-technical audiences.
- Awareness of the latest cybersecurity trends and developments.
- Equivalent work experience and a proven track record in the field of Software Development and/or Information security
Grade/Level: 10
The salary range for this position is 95,000.00 – 160,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.
Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.
Salaries are adjusted according to market in CA, NY Metro and Seattle.
Eligibility Requirements
- You must be 18 years or older
- You must have a high school diploma or equivalent
- You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
- You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
- New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).