Integrated Technology Group (ITG) is seeking a Senior Security Analyst in (Amman - Jordan). As a Senior Security Analyst, you’ll be the shield against software threats. Uncover risks, boost our defences, and collaborate with our teams. The Senior Security Analyst is responsible for conducting an in-depth analysis of software code to identify and mitigate security vulnerabilities. Senior Security Analyst will work closely with development teams to ensure that applications are developed with strong security measures.
Responsibilities:
- Conduct in-depth security reviews of complex software code to identify and mitigate advanced vulnerabilities.
- Assist in designing and implementing secure coding practices and architecture standards.
- Conduct threat modelling exercises to identify potential security threats and vulnerabilities.
- Evaluate and recommend security analysis tools to improve the efficiency and effectiveness of code reviews.
- Ensure adherence to security standards, regulatory requirements, and industry best practices.
- Lead security incident response activities and contribute to post-incident analyses.
- Prepare detailed reports on security findings, trends, and recommendations for management and stakeholders.
Provide mentorship and guidance to junior security analysts on code analysis techniques and best practices.
Required Skills
-
Technical:
-
Deep Understanding of Security Principles:
- Knowledge of fundamental security concepts, including confidentiality, integrity, availability, authentication, authorization, and non-repudiation.
- Familiarity with secure coding practices and principles.
-
Proficiency in Security Tools:
- Experience with security tools for code analysis (e.g., static and dynamic analysis tools, SAST, and DAST tools).
- Knowledge of penetration testing tools and methodologies.
-
Programming and Scripting:
- Proficiency in multiple programming languages (e.g., Python, C#, HTML, JavaScript, Flutter) to understand and review code.
- Ability to write scripts to automate security checks and tests.
-
Vulnerability Management:
- Expertise in identifying, assessing, and managing software applications and systems vulnerabilities.
- Knowledge of common vulnerabilities (e.g., OWASP Top Ten) and how to mitigate them.
-
Performance Analysis:
- Understanding of performance testing methodologies and tools.
- Ability to identify performance bottlenecks in code and suggest optimizations.
-
Analytical:
-
Threat Modeling:
- Ability to perform threat modelling to identify potential security threats and application vulnerabilities.
- Knowledge of various threat modelling techniques and frameworks.
-
Risk Assessment:
- Skills in conducting risk assessments to evaluate the impact and likelihood of security vulnerabilities.
- Ability to prioritize security issues based on risk.
-
Code Review:
- Expertise in conducting manual code reviews to identify security flaws and performance issues.
- Familiarity with code review tools and techniques.
-
Problem-Solving:
- Strong problem-solving skills to identify and address security and performance issues.
- Ability to think critically and analytically to assess complex security scenarios.
Qualifications and Experience:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum three years of experience.
- Certified Information Systems Security Professional (CISSP) is a plus.
- Certified Ethical Hacker (CEH) is a plus.
- Certified Information Security Manager (CISM) is a plus.
Ready to secure the digital world? Let’s do it together!
Embark on a rewarding IT career with ITG. Stay informed about our latest job openings by visiting our career page or following our LinkedIn.
We can't wait to see the impact you'll make!