Search Available Jobs

Application Security Analyst in Heredia at TradeStation

Date Posted: 12/8/2022

Job Snapshot

Job Description

Who We Are:
TradeStation is an online brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge. At TradeStation, we're continuously pushing the boundaries of what's possible, encouraging out-of-the-box thinking and relentless search for innovation. 

What We Are Looking For:
The Security Analyst is responsible for supporting the Application Security Team in ensuring the security of company application assets. This includes performing periodic reviews and assessments, communicating with engineering staff on security vulnerabilities detected, tracking remediations and creating metrics. The Security Analyst is also responsible for developing, reviewing, and updating security documentation.

What You’ll Be Doing:
  • Work with the Application Security team to improve the security of company application assets
  • Perform periodic security assessments and reviews of applications including security testing using SAST, DAST, SCA, and other security testing methodologies
  • Perform analysis and validation of security test findings and communicate regularly with engineering staff including developers, managers, product owners, etc. on security test findings and remediation tracking
  • Review, update and develop required security documentation, including Information Security policies and standards
  • Develop and compile metrics, dashboards, and analytics for executive-level audiences, using SQL and/or reporting tools (Excel data function, Excel pivot table, PowerBI)
  • Stay current information security news, vulnerabilities, trends and techniques, and make recommendations to the security team
  • Assist and research ways to improve and automate existing processes using scripting languages if necessary (Python, Javascript, etc.)
  • Assist with configuring, installing and administering security tools and systems
  • Assist with the evaluation of new and existing security tools, platforms, and technologies
  • Conduct continuous health monitoring of security tooling and control implementations
  • Support for project assignments with strong and effective communication, time management and collaboration skills
  • Assist with other security-related initiatives as they arise
The Skills You Bring:
  • Self-driven, organized, details-oriented with an ownership attitude
  • Excellent English verbal and written communication skills
  • Able to effectively interact with all levels of the organization
  • Strong analytical, problem-solving, and troubleshooting skills
  • Able to multitask and prioritize work in a quickly changing business environment
  • Knowledge or experience developing documentation and conducting reviews.
  • Solid understanding of security principles, best practices, and compliance requirements (PCI, SOX, GDPR, OWASP, NIST, etc.)
  • Solid understanding of security concepts such as Segregation of Duties, Data Classification or Least Privilege
  • Demonstrated personal initiative in maintaining a continuous level of professional knowledge in areas of technology and security
  • Experience with Microsoft Office products, especially Excel and excel functions (TRIM, VLOOKUP and other data functions), Word, and PowerPoint and PowerBI
  • Desire to learn new security technologies and practices
  • Knowledge or experience with SQL and reporting tool(s) is a plus
  • Excellent skills with Microsoft Office and Atlassian tools (Jira and Confluence)
  • Understanding of SDLC and software development programming is helpful
  • Experience as a software developer and/or Quality assurance tester is a plus
  • Knowledge or experience with Microsoft Azure and Amazon Web Services environments is a plus
Minimum Qualifications:
  • Must be located in Costa Rica and able to work core US Eastern Time hours
  • Bachelor's Degree in Computer Science/Information Technology/Information Security or equivalent work experience required
  • Minimum of 3 years of Information Technology and/or Information Security work experience is required
Desired Qualifications:
  • An acknowledged industry security certification such as Security+, or CySA+ is a plus
  • Demonstrated progression toward security career goals and willing to pursue relevant professional designations (ex. CISA, CISM, CISSP)
  • Experience with SAST, DAST, SCA security test tools such as Checkmarx, BlackDuck, WhiteSource, Burp, Nmap, SSL/TLS scans, OWASP ZAP
  • Experience with software development programming and scripting languages
  • Experience with distributed and scalable cloud architecture, containerization, Docker, and/or Kubernetes. Kubernetes certification(s) are a plus
  • Experience with Microsoft Azure and Amazon Web Services (AWS) environments. AWS, Azure certification(s) are a plus
What We Offer:
  • Collaborative work environment
  • Competitive Salaries
  • Yearly bonus
  • Comprehensive benefits for you and your family starting Day 1
  • Unlimited Paid Time Off
  • Flexible working environment
  • TradeStation Account employee benefits, as well as full access to trading education materials