Lead Application Security Analyst
3 weeks ago
Sodexo North America's IT & Cybersecurity Team is seeking a Lead Application Security Analyst to join our dynamic cybersecurity team.
This is a remote role with the preferred candidate residing in the Eastern or Central time zones.
The ideal candidate will be responsible for identifying vulnerabilities in our applications, conducting security assessments, consulting with our application and database subject matter experts on how to remediate found vulnerabilities, and ensuring the integrity and confidentiality of our systems. The role requires a thorough understanding of application security principles, excellent analytical skills, and the ability to effectively communicate security risks to stakeholders.
The successful candidate will:
Conduct regular security assessments and penetration testing of applications to identify vulnerabilities and weaknesses.
Analyze and interpret security scan results, identifying false positives and prioritizing remediation efforts.
Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).
Review code and application designs for security flaws and provide recommendations for improvements.
Under the guidance of the CISO, develop and maintain security policies, standards, and procedures related to application security.
Stay updated on the latest security threats, vulnerabilities, and industry best practices such as OWASP and NIST controls to ensure the effectiveness of security measures.
Provide guidance and support to junior members of the security team.
Participate in the evaluation and selection of security tools and technologies to enhance application security posture.
Assist other IT & Cybersecurity functions if/where needed.
Is this the right opportunity for you? We are seeking candidates that have/are:
Associate Degree with relevant certifications as listed below. Bachelor's degree with an emphasis in Information Security or Audit, or related field preferred.
3+ years of experience in application security, including hands-on experience with security testing tools and techniques.
Strong understanding of web application security principles, including OWASP Top 10 vulnerabilities.
Proficiency in programming languages such as Java, Python, or JavaScript, with the ability to review and understand code.
Experience with security assessment tools such as Burp Suite and Qualys.
Knowledge of secure coding practices and common security controls such as encryption, authentication, and authorization.
Familiarity with security standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, or PCI DSS.
Excellent analytical and problem-solving skills, with the ability to effectively prioritize and manage multiple tasks.
Strong communication skills, with the ability to clearly convey technical information to both technical and non-technical stakeholders.
Relevant certifications such as CISSP, CEH, GWAPT, SANS or CSSLP are a plus.
Sodexo offers a full array of benefits including paid time off, holidays, medical, dental, vision, 401K and access to ongoing training and development programs, tuition reimbursement, plus health and wellness programs.
Not the job for you?
At Sodexo, we have numerous IS&T positions that support this and other initiatives with similar goals.
Working for Sodexo:
Sodexo fosters a culture committed to the growth of individuals through continuous learning, mentoring and career growth opportunities. Our IS&T team supports 13,000 locations across North America and collaborates with the entire Sodexo Group, spanning 72 countries. Sodexo empowers its employees who have developed a thorough understanding of the organization to create their own .
What We Offer:
Sodexo offers fair and equitable compensation, partially determined by a candidate's education level or years of relevant experience. While the budgeted range for the position is posted, Sodexo salary offers are based on a candidate's specific criteria, like experience, skills, education and training.
Qualifications & Requirements:
Basic Education Requirement - Bachelor’s Degree or equivalent experience
Basic Functional Experience - 3 years of experience in information security
Sodexo is an EEO/AA/Minority/Female/Disability/Veteran employer.