Senior Application Security Analyst
Around since 1994, Arise Virtual Solutions Inc. has created a disruptive technology platform that connects the world’s biggest brands with the largest network of gig-economy Service Partners in the BPO industry. Owned by Warburg Pincus, one of the world’s largest Private Equity Firms, Arise is the work-from-home pioneer and now the CX Transformation trailblazer. We are changing the way the world works with every major brand that we support. Come be a part of the revolution as a regular-full-time employee of Arise Virtual Solutions!
Our Core Values:
- Relentlessly Pursue Excellence
- Empower People & Partners
- Make a Difference
- No Boundaries
- Embrace Possibilities
The Information Security team at Arise is looking for a Senior Application Security Analyst to join our team. You will report into the Senior Director of Information Security.
The ideal candidate is someone with recent experience in an enterprise role as an application security engineer, that has an intermediate to a strong background in application development. This candidate will be the SME for application security on our small but growing security team and bring their experience securing enterprise web and client/server applications hosted in on-premises and cloud environments. To be successful in this role, the candidate will be knowledgeable about common threats, attacks, and the techniques used by bad actors to compromise applications and effectively communicate safeguards and countermeasures to mitigate identified security and privacy risks to a small team of developers and their IT leadership.
What you will be doing:
- Act as advisor to product teams, providing practical advice on secure design, coding and testing including cloud technologies, practices and processes
- Create threat models for new and existing software, assess vulnerabilities and provide mitigation recommendations to engineers
- Correlate information from a variety of tools and processes to identify security insights, and opportunities to increase resiliency from a wide range of attacks
- Establish security requirements for cloud-based solutions by evaluating business strategies and requirements
- Provide domain expertise in container security and public cloud technology
Our new team member will bring:
- Understanding of common security vulnerabilities as described in the OWASP Top 10 and SANS 25 as well as their remediation
- Proven track record in secure development practices such as threat modeling, secure design, secure code review/assessments, and the use of static and dynamic analysis tools in a product security engineering environment. Experience with Github Enterprise and associated security.
- Experience with application security control frameworks and its current usage in modern distributed web applications (e.g., Authentication, Cryptography and Data Protection, Authorization, Web Service Security, Security Headers)
- Understanding of cloud security controls and the specific challenges in securing cloud-based solutions
- Mobile App security experience
- Understanding and ability to communicate the techniques, tactics and practices of an attacker to engineers and business stakeholders who are part of a globally dispersed team
Competitive Compensation and Benefits which include:
- Joining a diverse group of awesome individuals Making a Difference every day
- ~70% of your Health/ Dental/ Vision/ Flex Spending Benefits paid by Arise
- 401k – 40% match starting on day 1
- Tuition Reimbursement of $4,000 each year!
- Generous PTO Plan starting from day 1
- 9 holidays and 1 Diversity Day
- Maternity & Paternity Paid Leave
- Life and Disability Insurance 100% paid by Arise
- Work hard AND have FUN! We play a lot at Arise.
When smart creative and passionate people get together, the results are astounding and the opportunities limitless! Achieve your potential at Arise.
Diversity creates a healthier atmosphere: equal opportunity employer M/F/D/V