Job Title: Application Security Integration Analyst/Engineer
Location: Raleigh, NC (Hybrid) Preferred or Remote (East Coast)
Duration: 1 year (Renewable)
Experience: Minimum 5 years (More experience is acceptable for this analyst role)
Job Type: Full-time
What We Do
We are the Application Security team within an Information Security organization, driving the adoption of secure architectures and processes. We contribute to the security and data protection needs of an enterprise that is continually evolving its business models.
What You Do
• You will play a role in assisting groups to securely develop and operate their applications and platforms by aligning to industry standard methodologies, compliance, and privacy requirements using Secure Development Lifecycle and industry framework and methodologies.
• Perform risk identification, impact analysis, and then assist application teams develop security readiness plans with measurable objectives.
• Assist application teams in meeting their adoption goals using security controls, processes, and objectives, helping them with adoption of automated and manual security validations.
• Security reviews of new and existing data integrations and update data flow description document.
• Provide security expertise to lead application teams to create and/or update existing threat models for their services.
• Provide security consultation for all aspects of application security compliance, risk management, and remediation.
• Drive effectiveness and efficiency into improving various security processes and procedures.
• This is a dynamic role and an excellent opportunity to move into cybersecurity field from an adjacent field and join a world-class security organization.
What You Have
• Relevant experience and/or training in various areas including cybersecurity, software development, compliance and risk management, or security operations analysis.
• Foundation in various security domains and technologies such as web security, cloud security, identity/access management, web application firewalls (WAF), intrusion detection/prevention (IDS/IPS), static/dynamic application security testing (SAST/DAST) and software composition analysis (SCA).
• Knowledge of modern SSO authentication methods: SAML, OIDC, OAuth, etc.
• Understand web application n-tier architectures, public cloud computing and deployment models, and secure coding controls as detailed by organizations like OWASP and SANS.
• Familiarity with and ability to understand business objectives, business context, and security risk. Cisco Confidential
• Ability to stay current on security issues that are present within the industry.
• Possess out-of-the-box thinking, analytical reasoning, and creative problem-solving skills.
• Act decisively, are hard-working, highly motivated, and eager to significantly impact Cisco and make it more secure! Minimum/Preferred Qualifications
• 5+ years of combined professional experience in information technology including relevant graduate studies.
• Working knowledge of IaaS cloud service providers (AWS/GCP/Azure) and deployment models.
• Additional technical training or cybersecurity related certifications, including but not limited to ISC2 or SANS GIAC is preferred.
ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.
