Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Application Security Analyst

Michigan Health Information Network

Application Security Analyst

Grand Rapids, MI
Full Time
Paid
  • Responsibilities

    The Application Security Analyst partners with development and deployment teams, Product Marketing Managers, and Product Engineers throughout the entire SDLC to ensure MiHIN products are designed, developed, and deployed in a secure manner. The Application Security Analyst also works closely with Security Operations to design security and privacy monitoring requirements.

    WHAT YOU WILL DO: 

    • Partner with agile squad to design secure application architectures.
    • Facilitate application security architecture reviews and threat modeling.
    • Create and execute dynamic testing plans, collaborating closely with development and deployment team members on remediation.
    • Support application security vulnerability program.
    • Design and implement automated security testing to validate adherence to secure coding best practices.  Collaborate closely with development team members on remediation.
    • Design and document security logging and monitoring requirements.
    • Recommend enhancements to application security processes.
    • Other duties as assigned.

     

    WHAT YOU BRING: 

    • BA/BS in IS discipline or equivalent applicable experience
    • Strong technical aptitude with 5+ years of hands-on Application Security or Application Development experience
    • Strong scripting skills (Python, BASH)
    • Understanding of RESTful and SOAP API communication
    • Experience with OWASP and Dynamic and Static testing tools (SonarCloud, Burp Suite Pro, Backtrack, Qualys, Nessus, Metasploit, Kali, tcpdump, wireshark, nmap, etc.)
    • Experience creating reports detailing test results
    • Demonstrated knowledge in securing AWS serverless architectures and secure coding practices
    • Experience providing security services in an agile development framework
    • Demonstrated understanding of HIE operations and applicable security and privacy legislation.
    • Knowledge of core internet and networking protocols (DNS, DHCP, TCP/IP, ARP, HTTP, HTTP/S, SSH), IP communication, OSI layers, packet structure and troubleshooting
    • Encourages and participates in knowledge sharing with other team members

    OTHER KNOWLEDGE, SKILLS & ABILITIES:

    • Strategic thinker balanced with a grasp of details.
    • Excellent verbal and written communication with an ability to articulate complex topics in a clear and concise manner
    • Service-oriented with demonstrated diplomacy and collaboration skills.
    • Self-motivated with excellent analytical and organizational skills.
    • Ability to think like an attacker and a detailed understanding of defensive and offensive security.
    • Advanced critical thinking and problem-solving skills with a proven ability to quickly analyze large amounts of data and making sound decisions.
    • Strong focus on execution and delivery with ability to make recommendations

     

    At MiHIN, we are an Equal Opportunity Employer who recognizes that our diversity is our greatest strength. We draw on the differences in who we are, what we've experienced, and how we think to best serve our stakeholders and our communities. 

    Because our family of companies serve everyone, we believe in including everyone.  This means we strive to hire qualified employees that are diverse in thinking and in race, gender, gender identity and/or gender expression, age, religion or belief, sexual orientation, physical, mental, or sensory disability, citizenship, family or partnership status, socio-economic upbringing, and more. 

    We believe diversity and inclusion among our teammates is critical to our success as an organization, and we seek to recruit, develop, and retain the most talented people from a diverse candidate pool.