Web Application Security Analyst
We invite you to bring your experience with information security and web application architecture into play as you take on a central role in strengthening and optimizing cyber security defenses in one of the world´s leading engineering consultancy houses. To succeed in this role you must have documented experience from a similar role, preferably with a large, global organization, and solid understanding of security operations. Security audit background will be an advantage.
Are you our new Web Application Security Analyst? Click the apply-button to send your application.
Inviting bright minds
Do you want to push the boundaries of your profession and develop your excellence in an open, collaborative and empowering culture? We work to create a sustainable future and our inspiring projects and innovative solutions aim to set the standard among our peers. You will join a global company that has been growing successfully since its founding in 1945. Together, we lead and leave a positive impact on societies, companies and people around the world.
You will join our IT Security department
As our new Web Application Security Analyst, you will be part of a team of skilled security professionals and consultants tasked with managing and developing Ramboll’s global cyber and information security programs.
Your key tasks and responsibilities will be:
Work with application development and QA teams across multiple products to: review, evaluate and prioritize vulnerability findings
Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
Provide support on secure code implementation, design and architecture Assists security administrators and IT staff in the resolution of reported security incidents
Threat-modeling & risk analysis
Promote and improve security audit readiness of Ramboll´s IT and security functions
Perform security assessments and provide advice in assigned IT development and procurement projects
Analyse the results of security assessments and work with system owners to remediate found issues
Organize data concerning vulnerability scan results in a way that is meaningful to business units within the company
Collaborate on critical IT projects to ensure that security issues are addressed throughout the project lifecycle
Work in concert with Application Development Engineers to evaluate applications before they get put into production
Evaluate existing Web Applications to secure the existing set of available products
Your starting point for constant growth
From the moment you join Ramboll, we will support your personal and professional development so that you grow with the company. For this role, we believe your starting point is:
Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field
Min. 2 - 4 years’ experience with security audit, review, and analysis of web applications
Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 27001,2,17,18 etc., ITIL, COBIT, National Institute of Standards and Technology (NIST), CSI CSC 20 etc.
In-depth knowledge and understanding of information risk concepts and principles
Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand and ability to effectively communicate with both non-technical and technical people
Strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis.
Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - ability to work well inside and outside a team
These skills are not strictly required but will be helpful in this role:
Strong knowledge of multiple coding languages
Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - solid understanding of Information Security in general and the specific behaviors that would secure client's information assets
Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews (Bandit, CodeSonar, Deep Dive, Fortify, Seeker, Sentinel Source)
Audit, compliance or governance experience is preferred
Proficiency in group communication
Experience creating documentation
Personal qualities that will help you succeed in this role include:
Strong analytical skills
Ability to interact with personnel across all business units and customers
Good written and verbal communication skills – excellent English is a must
Passion for providing excellent support – including ability to manage expectations effectively
Welcome to our Support Organization
In Ramboll’s Support Organization we take pride in keeping Ramboll running smoothly, enabling bright minds throughout the organization to focus on their areas of expertise as we tie together all parts of the business. We provide support within areas like Finance, HR, IT, Legal, Communication, Facility Management and more, coordinating efforts and securing common ground for the development and servicing of clients and markets.
Ramboll in the US
Ramboll has more than 5,000 experts working across dozens of offices in the US applying their passion to deliver innovative solutions in markets as diverse as Buildings, Transport, Planning & Urban Design, Water, Environment & Health and Energy. Founded in Denmark, Ramboll is a people company. We invite you to contribute to a sustainable future working in an open, collaborative and empowering culture.
How to apply
Apply online. Attach your CV, cover letter and relevant documents showcasing why you are the right fit for the role, and when you are available to start. We look forward to receiving your application.