Application Operations Security Analyst
Bangalore, INDIA
A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation and guidance service within the TAS Application Operations team.
The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery.
DISCOVER your opportunity
What will your essential responsibilities include?
·Support the Application Operations (Security) team in all security related activities, forums and discussions
·Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys
·Assist in setting up Jenkins pipeline integration to CI/CD lifecycle
·Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues
·Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements
·Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization
·Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures
·Manage the production of reporting and metrics to both internal and external stakeholders
You will report to the Operations Lead (under Head of Application Operations)
SHARE your talent
We’re looking for someone who has these abilities and skills:
Required Skills and Abilities:
·Security First mindset
·Understanding of vulnerability analysis, scanning and remediation processes
·Understanding of CVEs, CVSS
·Understanding of security industry compliancy benchmarks and standards i.e. CIS
·Understanding of security best practices/standards i.e. OWASP, NIST
·Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc.
·Strong analytical, critical thinking and organizational skills, ability to multitask and work to deadlines
·Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting
·Excellent communication, interpersonal and relationship building skills (verbal and written)
FIND your future
AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it.
How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.
Learn more at axaxl.com
Inclusion & Diversity
AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.
At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed.