Web Application Security Analyst

We invite you to bring your experience with information security and web application architecture into play as you take on a central role in strengthening and optimizing cyber security defenses in one of the world´s leading engineering consultancy houses. To succeed in this role you must have documented experience from a similar role, preferably with a large, global organization, and solid understanding of security operations. Security audit background will be an advantage.  

Are you our new Web Application Security Analyst? Click the apply-button to send your application.

Inviting bright minds

Do you want to push the boundaries of your profession and develop your excellence in an open, collaborative and empowering culture? We work to create a sustainable future and our inspiring projects and innovative solutions aim to set the standard among our peers. You will join a global company that has been growing successfully since its founding in 1945. Together, we lead and leave a positive impact on societies, companies and people around the world.

You will join our IT Security department

As our new Web Application Security Analyst, you will be part of a team of skilled security professionals and consultants tasked with managing and developing Ramboll’s global cyber and information security programs.

Your key tasks and responsibilities will be:

Work with application development and QA teams across multiple products to: review, evaluate and prioritize vulnerability findings

Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks

Provide support on secure code implementation, design and architecture Assists security administrators and IT staff in the resolution of reported security incidents

Threat-modeling & risk analysis

Promote and improve security audit readiness of Ramboll´s IT and security functions

Perform security assessments and provide advice in assigned IT development and procurement projects

Analyse the results of security assessments and work with system owners to remediate found issues

Organize data concerning vulnerability scan results in a way that is meaningful to business units within the company

Collaborate on critical IT projects to ensure that security issues are addressed throughout the project lifecycle

Work in concert with Application Development Engineers to evaluate applications before they get put into production

Evaluate existing Web Applications to secure the existing set of available products

Your starting point for constant growth

From the moment you join Ramboll, we will support your personal and professional development so that you grow with the company. For this role, we believe your starting point is:

Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field

Min. 2 - 4 years’ experience with security audit, review, and analysis of web applications

Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 27001,2,17,18 etc., ITIL, COBIT, National Institute of Standards and Technology (NIST), CSI CSC 20 etc.  

In-depth knowledge and understanding of information risk concepts and principles

Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand and ability to effectively communicate with both non-technical and technical people

Strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis.

Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges - ability to work well inside and outside a team

These skills are not strictly required but will be helpful in this role:

Strong knowledge of multiple coding languages

Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them - solid understanding of Information Security in general and the specific behaviors that would secure client's information assets

Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews (Bandit, CodeSonar, Deep Dive, Fortify, Seeker, Sentinel Source)

Audit, compliance or governance experience is preferred

Proficiency in group communication

Experience creating documentation

Personal qualities that will help you succeed in this role include: 

Strong analytical skills

Ability to interact with personnel across all business units and customers

Good written and verbal communication skills – excellent English is a must

Passion for providing excellent support – including ability to manage expectations effectively

Welcome to our Support Organization

In Ramboll’s Support Organization we take pride in keeping Ramboll running smoothly, enabling bright minds throughout the organization to focus on their areas of expertise as we tie together all parts of the business. We provide support within areas like Finance, HR, IT, Legal, Communication, Facility Management and more, coordinating efforts and securing common ground for the development and servicing of clients and markets.

Ramboll in the US

Ramboll has more than 5,000 experts working across dozens of offices in the US applying their passion to deliver innovative solutions in markets as diverse as Buildings, Transport, Planning & Urban Design, Water, Environment & Health and Energy. Founded in Denmark, Ramboll is a people company. We invite you to contribute to a sustainable future working in an open, collaborative and empowering culture.

How to apply

Apply online. Attach your CV, cover letter and relevant documents showcasing why you are the right fit for the role, and when you are available to start. We look forward to receiving your application.