• Application Security Analyst

    Job Locations India-Gurgaon
    ID
    2019-5832
    Function
    Cyber Security and IT Support
  • Introduction

    The Economist Group logo

     

    The Economist Group is the leading source of analysis on international business and world affairs. We deliver our information through a range of formats, from newspapers and magazines to conferences and electronic services. What ties us together is the objectivity of our opinion, the originality of our insight and our advocacy of economic and political freedom around the world.

     

    The role of the Application Security Analyst is to perform activities related to security and privacy by design in the application developed by The Economist Group and integrate security controls throughout the application development life cycle. The job holder is responsible for establishing, implementing, monitoring, reviewing and improving a suitable set of controls for the prevention of threats to the security of our applications and information assets, ensuring the business objectives of the organization.

    Accountabilities

    How you will contribute:

     

    Application Security

    • Integrate security design principles, tools and processes seamlessly into the application development lifecycle
    • Lead and coordinate application security testing tasks
    • Conduct security code review, identify gaps for improvement and ensure security best practices are followed
    • Ensure that the results of testing and remediation progress are communicated effectively to stakeholders
    • Lead the prioritization of security testing results and ensure that findings are remediated as required.
    • Accurately track security risks and mitigation activities to support risk governance 
    • Recommend security controls and identify solutions that support business objectives
    • Perform threat modeling as part of the application security pipeline at an early phase and develop controls to manage risks
    • Identify and communicate at all levels (evangelising) relevant security threats to The Economist’s application platforms
    • Enhance the overall posture in application security and drive cultural change in a collaborative manner

     

    Others

    • Participate in the Security Operations Centre (SOC) to identify, analyze and escalate security related events
    • Prevent loss, damage, theft or compromise of information assets and interruption to the organization’s operations
    • Protect against loss of sensitive data.  Identify and prevent suspicious data movements
    • Participate in and / or lead as required incident response, from discovery through to recovery, lessons learned and remediation

    Experience, skills and professional attributes

    The ideal skills for this role include:

     

    • University degree (or equivalent). Math, science or computer science preferred
    • Proven experience in programming languages (eg Python, Javascript)
    • Experience in AWS cloud environment
    • Strong understanding of OWASP Top 10
    • Excellent, demonstrable, customer service skills
    • Excellent communication (spoken and written) and interpersonal skills.
    • Organized, analytical, practical – good attention to detail
    • Good influencing skills.  Able to deal with all levels of the organization.
    • Able to take the initiative.  Positive ‘can do’ attitude and a determination to succeed
    • Diligent, able to work to deadlines while managing multiple priorities
    • Inquisitive, able to solve problems and come up with solutions
    • Curious, innovative, willing to challenge conventional approaches and test new ones
    • Security-related certification such as CISSP, CISM, CEH or OSCP is highly desirable.
    • International work experience desirable
    • Experience in the media and entertainment or another lightly regulated industry desirable
    • Experience with risk management, compliance, audit, business continuity or finance desirable
    • Demonstrable experience of security incident response desirable 
    • Ability to clearly communicate needs and statuses
    • Ability to accurately estimate effort, set and meet deadlines
    • Facility with numbers and mathematical analysis
    • Ability to oversee and communicate regulatory compliance
    • Ability to influence others without direct managerial authority
    • Demonstrable enthusiasm / passion for governance and control

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed