Information Security Application Analyst
Harris Health System is the public healthcare safety-net provider established in 1966 to serve the residents of Harris County, Texas. As an essential healthcare system, Harris Health champions better health for the entire community, with a focus on low-income uninsured and underinsured patients, through acute and primary care, wellness, disease management and population health services. Ben Taub Hospital (Level 1 Trauma Center) and Lyndon B. Johnson Hospital (Level 3 Trauma Center) anchor Harris Health’s robust network of 39 clinics, health centers, specialty locations and virtual (telemedicine) technology. Harris Health is among an elite list of health systems in the U.S. achieving Magnet® nursing excellence designation for its hospitals, the prestigious National Committee for Quality Assurance designation for its patient-centered clinics and health centers and its strong partnership with nationally recognized physician faculty, residents and researchers from Baylor College of Medicine; McGovern Medical School at The University of Texas Health Science Center at Houston (UTHealth); The University of Texas MD Anderson Cancer Center; and the Tilman J. Fertitta Family College of Medicine at the University of Houston.
Skills / Requirements
The Information Security Application Analyst reports to the Manager-Information Security Operations. Application Security Analyst will review session management controls, including testing for cross-site request forgery, to ensure that web applications maintain distinct user session. In addition, test susceptibility to SQL injections, cross-site scripting and other OWASP attacks and determine relevancy of threats to the organization. Conduct assessments of web applications, servers, endpoints, databases, client-side applications and tools, and APIs. Response to alerts, and security incidents and work with other Information Security Operations teams members to conduct internal penetration test on production applications.
The right candidate is a self-starter with excellent development skills to perform duties such as, but not limited to, research and development of secure coding methodologies, providing experienced guidance pertaining to secure application development design and testing.
Bachelors Degree in Computer Science, Information System Preferred
Licenses & Certification
GWEB, FWAPT, CASE, CSSLP, C|EH Preferred
4 Years of Experience -Strong knowledge of OWASP Top 10 and the ability to articulate application security risks and determine threat level. .Knowledge of dynamic web application scanners is a plus, including (but not limited to) OWASP Zed Attack Proxy, Rapid7 AppSec, Kali Linux, Metasploit, BURP Suite, HP WebInspect, Qualys, or WhiteHat. Static and dynamic code assessment tools. Web Application Firewall concepts. RadWare, Fortify WebInspect Tenable Security Center. Knowledge of HIPAA Security Rule and PCI DSS.
Exceptional Verbal (Public Speaking) Writing/ Correspondence Writing/ Reports
Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!Apply Online
Job Status: Full Time
Job Reference #: 163707