Security Analyst - Application Security (Remote)
Draper
Progressive Leasing
Progressive Leasing is a leading provider of in-store and e-commerce lease-to-own solutions. As an almost 20+ year old FinTech company that has gone from start-up to industry leader, we know how to innovate, simplify, and value all people. We are a company founded on our grit, and we are constantly looking to the future. As an ever-evolving group of entrepreneurs and technologists, we strive to do the right thing, period, in all aspects of our work. We are a subsidiary of PROG Holdings (NYSE: PRG), an exciting FinTech holding company with three business segments: Progressive, Vive Financial, and Four, a Buy Now Pay Later (BNPL) platform.
We are currently looking for a high-powered Security Analyst to join our team!
The Security Analyst position supports our application security team in threat and vulnerability management for PROG-developed applications and web application infrastructure. This role focuses on confirming that security scans run regularly, keeping automated tickets accurate, reviewing reported false positives, responding to occasional security-related pipeline roadblocks, and ensuring engineering teams have the information necessary to remediate reported findings. Documentation, technical aptitude, and knowledge growth are key components of this role.
This position reports to the Director, Information Security and is fully remote, requiring home office space.
YOUR DAY-TO-DAY:
Assist in the support and documentation of DAST, IaC, SAST, and SCA solutions, including operational processes
Support security and technology operations to maintain availability and security of deployed applications
Support the operation of vulnerability scanning
Support the engineering staff in the investigation and remediation of vulnerabilities
Provide AppSec support for Security Operations and Incident Response
YOU'LL BRING:
Knowledge of threats, including common attack vectors, methodologies, and payloads/exploits
Knowledge of the OWASP Top Ten and OWASP API Top Ten Projects
Ability to troubleshoot complex applications
Base application programming knowledge desired
Strong interdepartmental communication skills
Operational experience with security scanning, using tools like BrightSec, Mend, and Snyk
Operational experience with security automation using Python
Operational experience configuring and managing virtual and AWS cloud-based environments
Knowledge of Information Security program development and roadmap design aligned to security policies, standards, guidelines, etc.
Knowledge of penetration testing methodologies and practices
Knowledge of forensic practices and procurement processes
Working knowledge of ITIL including incident, problem, and change management
ADDITIONAL REQUIREMENTS:
AA/AS combined with 1+ years of overall application security experience and/or application development experience
Progressive Leasing welcomes and encourages diversity in the workplace. We do not discriminate in any aspect of employment on the basis of race, color, religion, national origin, ancestry, gender, sexual orientation, gender identity and/or expression, age, veteran status, disability, or any other characteristic protected by federal, state, or local employment discrimination laws where Progressive Leasing does business.
Tags: APIs Application security Automation AWS Cloud DAST E-commerce Exploits FinTech Incident response ITIL OWASP Pentesting Python SAST Vulnerabilities Vulnerability management
Perks/benefits: Startup environment