Information Security Analyst
2 weeks ago
Job Number 24150916
Job Category Information Technology
Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States
Schedule Full-Time
Located Remotely? Y
Relocation? N
Position Type Management
JOB SUMMARY
The Application Security Analyst will assist in monitoring and assessing the security of web applications under the guidance of the Senior Application Security Manager. This role involves supporting the enforcement of security standards, participating in application security risk assessments, and aiding in the documentation and remediation tracking processes. The role is designed to provide hands-on experience in application security within a corporate environment, with a strong focus on learning and development.
CANDIDATE PROFILE
Education and Experience
Required Education and Experience:
Bachelor’s degree in Cybersecurity, Computer Science or related field or equivalent experience/certification
2+ years of information technology experience
Desired Capabilities and Experiences
Strong understanding of basic programming concepts and principals (interpretation, compilation, loops, control structures, data types)
Basic understanding of security testing methodologies, tools, and approaches
Basic understanding of OWASP Top 10 and its implications to software security
Basic understanding of common software development practices and procedures (version control, testing, patching, CI/CD)
Basic understanding of the Software Development Lifecycle (SDLC).
Proficiency in Microsoft Word, PowerPoint, and Excel
Excellent communication skills.
Strong interest in cybersecurity and a willingness to learn on the job.
Current information security certification, including: GSEC, GSIF, CySA+, Security+, CEH, GRISC, CISA
Experience in software development (front end or backend developer)
Experience with software security testing
Experience working in a regulated environment (e.g., finance, healthcare, government).
Experience with conducting risk assessments and developing risk mitigation strategies.
Solid understanding ofGitHub operations (e.g., cloning, branching, merging, pull requests, issues)
CORE WORK ACTIVITIES
Application Security Risk Management & Tracking
Assist in monitoring compliance with security standards and regulatory requirements related to web application security.
Assist in tracking and documenting risk mitigation efforts, ensuring timely resolution of identified issues.
Support the Senior Manager in tracking and documenting application security risks and remediation efforts.
Learn and assist in the use of security tools such as GitHub Advanced Security for basic operations (e.g. Tracking & Reporting Issues).
Work closely with development teams to integrate risk management practices into the software development lifecycle.
Gain exposure to security frameworks and standards such as OWASP, under the mentorship of the Senior Manager.
Contribute to the development and maintenance of compliance documentation, including policies, procedures, and control frameworks.
Aid in the use of project management tools like JIRA to track tasks and projects.
Work closely with the Application Security Testing team to understand findings, their relevance and potential impact.
Conduct basic vulnerability research under the guidance of the Senior Manager.
File tickets with development and security teams, monitor ticket flow, volume, and remediation activities.
Participate in audits and assessments to evaluate compliance with internal policies and external regulations.
Review Security Researcher findings through the company Bug Bounty program and pursue remediation when issues are validated.
Managing Work, Projects, and Policies
Coordinates and implements work and projects as assigned.
Complies with Federal and State laws applying to procedures.
Generates and provides accurate and timely results in the form of reports, presentations, etc.
Analyzes information and evaluates results to choose the best solution and solve problems.
Manages the flow of questions and directs questions.
Supporting Operations
Works with team to put sustainable work processes and systems in place that support the execution of the strategy.
Establishes and maintains complete and up-to-date information to ensure accurate reporting.
Represents team in resolving situations.
Maintains and manages inventory and service operations.
Additional Responsibilities
Informs, updates, and provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
Attends and participates in all relevant meetings.
Presents ideas, expectations and information in a concise, organized manner.
Uses problem solving methodology for decision making and follow up.
Maintains positive working relations with internal customers and department managers.
Manages time effectively and conducts activities in an organized manner.
Performs other reasonable duties as assigned by manager.
The salary range for this position is $63,150 to $115,775 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus.
Washington Applicants Only: Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.
All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.
The application deadline for this position is 28 days after the date of this posting, August 28, 2024.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.
-
Information Security Analyst
1 week ago
Iowa City, Iowa, United States Lucid Technologies Full timePosition Overview:Role: SOC Analyst 2Location: HybridInterview Format: Web Cam Interview Only, 2nd shift [4pm to 12:30 am] Wednesday - Sunday (Monday and Tuesday off)General Summary:This role is integral to the operations of the Security Operations Center (SOC) within the State of Iowa's Office of the Chief Information Officer (OCIO). The primary focus is to...
-
Information Security Analyst
1 week ago
Iowa City, Iowa, United States Lucid Technologies Full timePosition Overview:Role: SOC Analyst 2Location: HybridInterview Process: Web Cam Interview Only for 2nd shift [4pm to 12:30 am] Wednesday - Sunday (Monday and Tuesday off)General Overview:This role is integral to the operations of the Security Operations Center (SOC) within the organization. The primary focus is to manage tier two triage for IT issues and...
-
Information Security Analyst III
1 week ago
Missouri City, United States Infojini Consulting Full timeThe Information Security Analyst is responsible for improving and maintaining a comprehensive Information Security Program for Bi-State Development. It would include working with all aspects of the BSD environment including the SCADA network and radio maintenance teams to ensure compliance to all mandates from the FTA, Homeland Security Department, and any...
-
Information Security Analyst III
1 week ago
Missouri City, United States Infojini Full timeThe Information Security Analyst is responsible for improving and maintaining a comprehensive Information Security Program for Bi-State Development. It would include working with all aspects of the BSD environment including the SCADA network and radio maintenance teams to ensure compliance to all mandates from the FTA, Homeland Security Department, and any...
-
Information Security Officer
4 weeks ago
Oklahoma City, United States First Fidelity Bank Full timeJob DetailsLevel Experienced Job Location Corporate Office - Oklahoma City, OK Position Type Full Time Education Level 4 Year Degree Description The Information Security Officer is responsible for overseeing and reporting on the management and mitigation of information security risks across the Bank and is accountable for the results of this oversight and...
-
Security Operations Director
3 days ago
Oklahoma City, Oklahoma, United States Marksman Security Full timeJob Summary:Marksman Security Corporation is seeking a seasoned professional to fill the role of Director of Security Operations. As a key member of our team, you will be responsible for overseeing security personnel, ensuring the site is properly staffed and officers are trained and motivated.The ideal candidate will have previous experience in corrections,...
-
Information Security Governance Analyst
3 weeks ago
Foster City, United States A Society Group, Inc. Full timeJob DescriptionJob DescriptionJoin one of the most exciting startups in the automotive industry!We are seeking a highly skilled Information Security Governance Compliance Analyst who will be responsible for ensuring that the organization adheres to established information security governance, risk management, and compliance (GRC) frameworks. This role...
-
Information Security Governance Analyst
1 month ago
Foster City, United States A Society Group, Inc. Full timeJob DescriptionJob DescriptionJoin one of the most exciting startups in the automotive industry!We are seeking a highly skilled Information Security Governance Compliance Analyst who will be responsible for ensuring that the organization adheres to established information security governance, risk management, and compliance (GRC) frameworks. This role...
-
Information Security Risk Management Analyst
2 weeks ago
Foster City, California, United States LanceSoft, Inc. Full timeJob Title: Information Security Governance AnalystLocation: RemoteDuration: 6+ MonthsPay Rate: $80.00/hourPosition Overview:We are looking for a proficient Information Security Governance Compliance Analyst who will play a crucial role in ensuring that our organization complies with established information security governance, risk management, and compliance...
-
Security Operations Analyst
3 weeks ago
Oklahoma City, Oklahoma, United States Teradata Full timeWe are looking for an analyst to join our security operations team. The analyst will support the effective and efficient operations of the Security Operations Center, including next-gen artificial intelligence (AI) and machine learning (ML) cyber security technologies, threat report generation, incident monitoring/response, and vulnerability management. This...
-
Information Systems Security Officer
4 weeks ago
Bossier City, United States General Dynamics Information Technology Full timeType of Requisition:RegularClearance Level Must Currently Possess:Top Secret/SCIClearance Level Must Be Able to Obtain:Top Secret SCI + PolygraphSuitability:Public Trust/Other Required:Job Family:Information SecurityJob Qualifications:Skills:Information Systems, Security Operations, Systems SecurityCertifications:Experience:1 + years of related experienceUS...
-
Security Analyst
2 weeks ago
Oklahoma City, United States Delaware Nation Industries Full timeOverview: Security Analyst Delaware Nation Investments/Emerging Technologies is seeking a highly qualified and motivated Security Analyst to join our team. We work with the Air Force Sustainment Center (AFSC) located at Tinker AFB, Hill AFB, Robins AFB, and Wright Patterson AFB Advisory & Assistance for cybersecurity, network operations, and system...
-
Security Analyst III/IV
2 weeks ago
Oklahoma City, Oklahoma, United States Nutanix Full timeJob OverviewThe Security and Safety team is dedicated to providing exceptional leadership, services, and solutions aimed at protecting individuals and the environment, securing company information and assets, and enhancing operational efficiency across the organization. The Security Analyst plays a crucial role in ensuring that effective security and safety...
-
Arkansas City, United States Arkansas Blue Cross Full timeTo learn more about Arkansas Blue Cross and Blue Shield Hiring Policies, please click here. Applicants must be eligible to begin work on the date of hire. Applicants must be currently authorized to work in the United States on a full-time basis. ARKANSAS BLUE CROSS BLUE SHIELD will NOT sponsor applicants for work visas in this position. Arkansas Blue Cross...
-
Application Security Analyst III
3 days ago
Oklahoma City, United States Paycom Full timeJob DetailsLevel Experienced Job Location Multiple: Grapevine, TX - Oklahoma City, OK Position Type Full Time Education Level Bachelor's Degree Travel Percentage None Job Category Information Technology Description The Application Security Analyst III position exists to protect the security posture of the Paycom application through tasks such as advanced web...
-
Application Security Analyst III
2 days ago
Oklahoma City, United States Paycom Online Full timeThe Application Security Analyst III position exists to protect the security posture of the Paycom application through tasks such as advanced web application penetration testing, code review, tool use, and other as-needed security reviews. Additional tasks include work to develop or improve existing projects that contribute to application security, and user...
-
Application Security Analyst
2 days ago
Oklahoma City, United States Paycom Online Full timeThe Application Security Analyst I position exists to protect the security posture of the Paycom application through tasks such as web application penetration testing, code review, tool use, and other as-needed security reviews. Additional tasks include work to develop or improve existing projects that contribute to application security, and user...
-
Information Security Analyst, Journeyman
3 months ago
Elizabeth City, United States MILVETS Systems Technology, Inc. Full timeJob DescriptionJob DescriptionMILVETS is currently seeking to fill a full-time Information Security Analyst, Journeyman - (Secret Clearance) position.Location: Elizabeth City, NCProject: USCG ALC ISDClearance: United States Department of Defense Active Secret ClearanceFull Time, Salary: CompetitiveShift: 1stPosition Start: March 2025 (Pending Contract...
-
Intermediate Security Analyst
2 months ago
Oklahoma City, United States InsideHigherEd Full timeOrganizationThe mission of the University of Oklahoma is to provide the best possible educational experience for our students. The CyberSecurity Analyst will work within a team in multiple areas of IT security operations across all campuses to help ensure that experience is safe for not just the student body, but the faculty and staff as well. They will...
-
Information Security Analyst
1 week ago
Panama City, United States TEKsystems Full timeDescription: Specific tasks include the following: Responsible for Cyber Security of Civil Engineer (CE) owned FRCS: - Appointed in writing by the Enterprise Information System Security Manager (ISSM) as the Information System Security Officer (ISSO) for the CE control system Community of Interest Network Enclave (COINE). - Responsible for creating and...
