• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter

1.844.822.0541

info@nexusgroup.ca

  • English
    • Français
  • Consultant Login
  • Find Your Opportunity
Nexus Systems Group

Nexus Systems Group

  • Home
  • What We Do
    • Staffing Solutions Made Easy
    • Contingent Workforce Management and Payroll Solutions
    • Technology Consulting and Delivery
  • Who We Serve
  • Who We Are
    • Our Team
    • News and Awards
    • Associations and Community
  • Contact Us
  • News

IT Security Analyst

November 13, 2024 by

Typical Day in the Role:
• The incumbent is responsible for supporting the Senior Manager, Director, VP, SVP and CISO in achieving IS&C Strategic goals through various processes, including:
• Develop and/or enhance strategies and processes to manage web application security vulnerabilities and threats for both transactional and marketing/informational web sites.
• Develop and/or enhance communication model to manage web application vulnerability remediation with the development and infrastructure support teams in support of risk management practices on behalf of the business owner.
• Develop and/or enhance reporting to development teams and all levels of management in order to provide proper tracking and measurement of remediation relative to established objectives
• Recommend, design, assess, implement, deploy and maintain application security controls required to protect client and its customers.
• Responsible for developing and/or enhancing the strategies and processes to identify, analyze, and communicate application vulnerabilities as per the CISO Directive and published communication process flows.
• Responsible for adherence to an established process flow that ensures development support teams, infrastructure support teams, and business risk owners implement control measures that effectively mitigate or eliminate the identified risk.
• Responsible for timely and accurate reporting of all findings to the development teams, appropriate levels of management and the business risk owner

Must Have Skills/Requirements:
1) 10+ years of Experience as an IT Security Analyst
2) A strong understanding of multi-tier Web Applications, web API, and related vulnerabilities and potentials threats. Staying abreast of information provided by recognized organizations such as OWASP (Open Web Application Security Project) and CVE (Common Vulnerabilities and Exposures).
3) Must have a comprehensive understanding of the HTTP protocol, Secure Software Development Lifecycle (SDLC) and Web Programing for multi-tier web applications and web services.
– For example, experience with multiple of JavaScript, SQL, HTML, XML, ASP.net, VB.net, Java, PHP, Python, PowerShell, or Ruby is essential.
4) Must have a comprehensive understanding of the OWASP Application Security Verification Standard (ASVS), and have proven working experience applying the ASVS.
5) Experience performing source code and/or application security assessments, including risk assessments, and penetration testing. The ability to demonstrate exploitation of vulnerabilities is essential, as would experience with vulnerability testing and scanning tools such as Checkmarx, BurpSuite, Acunetix, NetSparker, WebInspect, AppScan, SQLMap, ZAP, and Fortify.

Nice to have Skills:
1) Prior Financial Institutional Experience
2) An understanding of gateway technologies and network devices such as Load Balancers, Proxies, IPS, WAF, API Gateway.
3) The ability to generate reports and tailor your communication strategy for various levels of technical staff, executive management, and business clients.

Soft Skills:
1) Excellent written and oral communication skills. Ideas must be able to be understood and shared easily.
2) Strong organizational skills

  • Apply Now
  • See All Jobs

Footer

ABOUT NEXUS SYSTEMS GROUP

Nexus is one of North America’s leaders in the provision of technology staff augmentation and strategic resource consulting. With a team of talented professionals using best of breed methodologies, Nexus consistently over delivers with quick, quality and trusted results to its clients and consultants.

LATEST OPPORTUNITIES

  • Senior DBA June 11, 2025
  • Senior Developer – ServiceNow June 10, 2025
  • Business Systems Analyst – ServiceNow June 10, 2025
  • Business Continuity/Disaster Recovery Consultant June 9, 2025

SOCIAL

  • Email
  • Facebook
  • Instagram
  • LinkedIn
  • Twitter
Report on Business Canada's Top Growing Companies - Nexus Group
Nexus Group Growth 500 2019
Nexus Systems Group Growth 500 2018
NEXUS GROUP SYSTEMS GROUP INC. NEXUSGROUP.CA
  • Contact Us
  • Terms & Conditions
  • Privacy Policy