Full-Time Application and Security Management Analyst

• Collaborate with technical and business teams to address security flaws and implement remediation plans.
• Oversee application security tasks, ensuring alignment with audit requirements and internal policies.
• Support change and incident management processes, with a focus on high-priority incidents (P1 & P2).
• Provide guidance to development and support teams on security-related ticket requirements and process expectations, ensuring SLA compliance.
• Act as a liaison with internal stakeholders to ensure clear communication and quality engagements.
• Support governance and administrative functions, including audit preparation and policy development.
• Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics.

• Application Security & Vulnerability Management: Familiarity with CVSS, OWASP ZAP, Veracode, Rapid7, Wiz.IO. Track and assist in the closure of identified vulnerabilities.
• Security Fundamentals: Knowledge of encryption, authentication, secure data transmission, network security principles, firewall configurations, SSO, MFA using OKTA, MS Active Directory, and CyberArk PAM.
• Security Information and Event Management (SIEM): Use of Splunk SIEM for real-time threat detection and log analysis.
• Monitoring & Endpoint Security: Experience with Tanium and MS Defender. Familiarity with IBM Guardium and Cyera.
• Cloud & Infrastructure Security: Experience with Wiz.IO, AWS Secrets Manager, Azure Key Vault, GCP Secrets Manager, Thales, and AWS KMS/HSM.
• Other Tools & Platforms: Knowledge of SailPoint, CyCognito, Imperva, ProofPoint, MS Office365 Message Security, 1Password, and Netwrix.

Degree or equivalent qualifications and experience in Computer Science, Information Technology, Data or a related field

Experience with automated and manual methods for evaluating security controls in both on-prem and cloud environments. Experience in monitoring and reporting on security flaws.

Contribute to accurate statistical reporting on the market’s IT security posture. Ensure first line of defence (1LoD) ownership of non-compliance issues. Ability to compile management reports and presentations on technical risks, controls, and deficiencies.

Strong ability to communicate complex information clearly and effectively. Good collaboration, relationship-building, and interpersonal skills.

What is the last date for applying to the job?

Which countries are accepted for this remote job?