DevOps Security Analyst (J00123574)

Website EquifaxCareers Equifax

Smarter insights for smarter decisions.

You will serve as a Security Analyst in the Information Security Office for Equifax Workforce Solutions.  In this role, you will research, monitor, assist and ensure that the proper security controls are built into every phase of the product development process.  You will assist product engineering in identifying security challenges, researching details and preparing options to remove risk and remediate issues.  You will engage in security control review, evaluating existing processes and identifying opportunities to improve accuracy, efficiency, effectiveness and maturity of our support of product engineering.

With your experience and background in application security practices and secure development knowledge, you will engage directly with our Tribes and Squads of developers in many different aspects of application and engineering security policies and practices.  You will be educating leaders and engineers to understand and perform their security responsibilities, growing their proficiency, and validating their work.  You will assist engineering in identifying, researching and applying remediation approaches for vulnerabilities identified in their solution.  You will participate in risk assessments and developing remediation strategies for security issues occurring in software, middleware, libraries, and other third-party dependencies.

Who is Equifax? 

At Equifax, we believe knowledge drives progress. As a global data, analytics and technology company, we play an essential role in the global economy by helping employers, employees, financial institutions and government agencies make critical decisions with greater confidence.

We work to help create seamless and positive experiences during life’s pivotal moments: applying for jobs or a mortgage, financing an education or buying a car. Our impact is real and to accomplish our goals we focus on nurturing our people for career advancement and their learning and development, supporting our next generation of leaders, maintaining an inclusive and diverse work environment, and regularly engaging and recognizing our employees. Regardless of location or role, the individual and collective work of our employees makes a difference and we are looking for talented team players to join us as we help people live their financial best.

The Perks of being an Equifax Employee?

  • We offer excellent compensation packages with market competitive pay, comprehensive healthcare packages, 401k matching, schedule flexibility, work from home opportunities, paid time off, and organizational growth potential.
  • Grow at your own pace through online courses at Learning @ Equifax.

What You’ll Do

  • Serve in a security analyst role as an expert on software security and the secure software development lifecycle
  • Receive and evaluate vulnerability findings, perform relevant research and provide guidance to engineering to build remediation approaches
  • Provide rationale and guidance to engineers and engineering team leads on how to identify and address software code risks, vulnerabilities and how to introduce and improve secure software development practices
  • Become proficient in the use of all available static code analysis tools.  Coaching engineering team members on relevant use in their role.  How to interpret results and how to research findings and develop acceptable approaches for remediation
  • Increase personal knowledge of dynamic analysis tools, defensive programming techniques, the OWASP Top 10, and other common software security patterns and anti-patterns
  • Engage directly with the teams on how to close software security findings (Fortify, pen tests) and practices that can help them avoid future findings
  • Assist across the Information Security Technology team as needed in areas related to code development, operational security and security compliance
  • Integrate flawlessly with the Equifax corporate product security team, who is responsible for the global software security and SSDLC programs. Consume their products and processes, advance the adoption of their standards into Workforce Solutions. Provide tenacious feedback and champion the needs of developers. Be an engaged, collegial partner of the global team.

Qualifications

  • 3+ years experience in a DevOps Security role. (Application Security preferred).
  • Knowledge of cloud-native development practices / technologies, including CI/CD.
  • Working knowledge of code development and coding logic concepts and able to read/interpret code for research and assessment purposes
  • Basic understanding of the application of operating security controls such as WAF, SCA,  SAST, DAST, IAST, API protection, authentication gateway, certificate management, CI/CD security, etc.
  • Working knowledge of information security, with a particular emphasis on application security. How to assess vulnerabilities in software, how to determine risk, how to mitigate and remediate various software vulnerabilities.
  • Working knowledge of secure development practices, such as threat modeling, development of use / abuse cases, key patterns and anti-patterns that drive secure software, successful habits, common mistakes, etc.

Extra Points:

  • Bachelor of Science in Computer Science, Computer Engineering, Electrical Engineering, or a related field preferred.
  • Candidates with no / other degree but relevant experience will be considered.

Success Attributes of an Equifax employee; does this describe you?

  • Accountability
  • Bravery
  • Curiosity
  • Collaboration
  • Think and act differently
  • Trust
  • Ownership
  • Decide-Execute-Ship

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

If this sounds like somewhere you want to work, don’t delay, apply today – we’re looking for you!

Before applying for this position you need to submit your online resume. Click the button below to continue.

Become a Member Today

Be Part of the WIT Movement and join our community of technology leaders, professionals and students TODAY!
Membership with Women In Technology is FREE