Application and Security Management Analyst

Principal Responsibilities

Collaborate with technical and business teams to address security flaws and implement remediation plans.

Oversee application security tasks ensuring alignment with audit requirements and internal policies.

Support change and incident management processes with a focus on high-priority incidents (P1 & P2).

Provide guidance to development and support teams on security-related ticket requirements and process expectations ensuring SLA compliance.

Act as a liaison with internal stakeholders to ensure clear communication and quality engagements.

Support governance and administrative functions including audit preparation and policy development.

Compile and deliver regular reports including weekly monthly and OSM-specific security metrics.

Required Key Skills (Functional / Technical)

Application Security & Vulnerability Management

Familiarity with Common Vulnerability Scoring System (CVSS)

Experience with tools like OWASP ZAP, Veracode, Rapid7 (on-prem) and cloud vulnerability management and CSPM

Track and assist in the closure of identified vulnerabilities working closely with IT and Development teams

Review and maintain secure configurations for systems, applications and network devices

Security Fundamentals

Working knowledge of encryption, authentication and secure data transmission

Knowledge of network security principles and firewall configurations

Familiarity with SSO and MFA using OKTA and directory services such as MS Active Directory

Experience with CyberArk PAM for privileged access management

Security Information and Event Management (SIEM)

Use of Splunk SIEM for real-time threat detection and log analysis

Review and optimise SIEM use cases to enhance threat detection and response capabilities

Monitoring & Endpoint Security

Experience with Tanium and MS Defender for server and endpoint security management

Familiarity with IBM Guardium for database activity monitoring

Exposure to Cyera for data identification and classification

Cloud & Infrastructure Security

Experience with cloud security posture management (CSPM) and IaC scanning

Understanding of secrets management using AWS Secrets Manager, Azure Key Vault or GCP Secrets Manager

Familiarity with Thales and AWS KMS / HSM for key management

Other Tools & Platforms

Knowledge of SailPoint for identity governance

Experience with CyCognito for external attack surface management

Familiarity with Imperva for WAF, DDoS and botnet protection

Exposure to ProofPoint and MS Office365 Message Security for email security

Use of 1Password for credential management

Awareness of Netwrix for password policy enforcement

Qualifications : Qualifications

• Educational Background
• Degree or equivalent qualifications and experience in Computer Science, Information Technology, Data or a related field; Technical & Security Experience
• Experience with automated and manual methods for evaluating security controls in both on-prem and cloud environments
• Experience in monitoring and reporting on security flaws and supporting related remediation activities
• Familiarity with change management processes in technology environments; Risk Controls & Compliance
• Contribute to accurate statistical reporting on the markets IT security posture
• Ensure first line of defense (1LoD) ownership of non-compliance issues, exception justifications, mitigation controls and risk documentation
• Ensure accuracy and timely completion of control testing and remediations
• Collaborate with Security Partners, RISOs and other governance functions to drive remediation of identified security deficiencies
• Ability to compile management reports and presentations on technical risks, controls and deficiencies; Communication & Collaboration
• Strong ability to communicate complex information clearly and effectively
• Good collaboration, relationship-building and interpersonal skills
• Act as primary liaison with internal local and regional stakeholders ensuring quality engagements and clear progress updates

Additional Information :

Our uniqueness is that we celebrate yours. Experians culture and people are important differentiators. We take our people agenda very seriously and focus on what matters; DEI work / life balance development authenticity collaboration wellness reward & recognition volunteering... the list goes on. Experians people first approach is award-winning; Worlds Best Workplaces 2024 (Fortune Top 25), Great Place To Work in 24 countries and Glassdoor Best Places to Work 2024 to name a few. Check out Experian Life on social or our Careers Site to understand why.

Experian is proud to be an Equal Opportunity and Aff... (EEO statement continues)

Experian Careers - Creating a better tomorrow together

Find out what it's like to work for Experian by clicking here

Remote Work : Yes

Employment Type : Full-time

Key Skills

Databases,IT Experience,Iis,SQL,.NET,Microsoft SQL Server,Visio,Epic,Systems Analysis,Oracle,Cerner,Application Support

Department / Functional Area :

Customer Service

Experience : years

Vacancy : #J-18808-Ljbffr