8 days old

Application Security Analyst

Chevron
San Jose, CA 95123


Chevron Holdings Inc. (CHI) is a pioneer and leading multi-function Shared Services Center in the Philippines located in Makati City. With a workforce of more than 1,000, CHI delivers business services and solutions in areas such as finance, human resources, procurement, marketing support and information technology.




Chevron is accepting online applications for the position of IT Business Analyst through February 20, 2020 at 11:59 p.m. (Eastern Standard Time).




The Application Security Team at Chevron fully leverages the agility and responsiveness of a DevSecOps approach, we play an integrated role in the full life cycle of our applications. The team provides leadership and direction on the use of current and emerging technologies, with emphasis on application security and software engineering, based on best practices and standards relevant to Chevron and provides guidance on best practices and standards throughout the System Development Lifecycle process including requirements, design, development, quality assurance, and deployment.




RESPONSIBILITIES FOR THIS POSITION INCLUDE BUT ARE NOT LIMITED TO:



+ Subject matter expert on software development processes, best practices, and secure coding standards


+ Ensure the enterprise is following application security requirements and principles, secure coding standards and best practices


+ Identify tools and automate rules into DevSecOps pipelines to enable guardrails; ensure coding practices are followed and vulnerabilities & risks are identified early and remediated appropriately based on risk.


+ Work with DevSecOps teams and engineers to integrate security solutions into continuous delivery frameworks


+ Assist application teams in migrating security controls to cloud (Azure, AWS, etc.)


+ Provide support to scan using different development IDEs (i.e., Visual Studio 2005-2015 & Eclipse)


+ Facilitate competency development for Application Professional role (Application Developer and Application Support Analyst)


+ Active leadership and participation in the Application Security Technical Network (ASTN) and Software Engineering Community of Practice; connect to other CoPs


+ Maintain secure coding standards


+ Stay current on application security and associated cross-functional issues.


+ Provide operational support for Application Security technologies (MicroFocus Fortify), and consulting for remediation of application security issues


+ Support and evolve the inclusion of appropriate application security clauses in Chevron contracts (working with Procurement and Legal)


+ Continue evolution of app security maturity expectations and OC for the enterprise; measure CVX app security maturity; maintain relationship(s) with app security training provider and consult on content development


+ Provide System Development Lifecycle (SDLC) tools and process consulting to projects and teams to ensure secure design and code





Required Qualifications:



+ Minimum 5+ years of hands-on experience with formal application development project execution


+ Technical Skills: 5+ years of hands-on design and development experience using Microsoft Development Technology stack, in particular .NET, SCM, MVC, WCF; SOA; Java-based technology, workflow and reporting technologies; database technologies such as Oracle and SQL Server


+ Experience mitigating vulnerabilities in OWASP Top 10 and knowledge of other industry standard vulnerability lists (i.e. SANS 25, etc.)


+ Experience finding known vulnerabilities and where they are listed for the industry (i.e. cve.mitre, NIST, etc.)


+ Application developer background


+ Familiar with the DevSecOps (CI/CD Pipleline) approach, and Agile Methodology


+ Knowledge of development languages (E.g ASP, C/C++, .Net, Java, Cobol, Javascript, PHP, Python, T-SQL)


+ In-depth understanding of industry standard lists of vulnerabilities (i.e. OWASP Top 10)


+ Exposure to Cloud (Azure, AWS, etc.) security controls


+ Strong communication and presentation skills including the ability to interface across the IT function, and with business partners and external parties across the world at an appropriate level of detail


+ Motivation to learn new technologies quickly.


+ Results oriented with strong focus on execution.


+ Ability to prioritize work, and juggle multiple complex tasks.


+ Ability to work collaboratively within a team of high value added individual contributors.


+ Self-starter with ability to work independently but in alignment with team goals.


+ Must thrive in a fast-paced, multi-tasking environment with increasing demands between operational and projects tasks.


+ Critical thinking and problem solving are vital.


+ Comprehension of various development paradigms such as Object Oriented Programming, Web-Oriented Architecture, etc.


+ Experience building standard operating procedures and processes.









Chevron participates in E-Verify in certain locations as required by law.


Chevron Corporation is one of the world's leading integrated energy companies. Through its subsidiaries that conduct business worldwide, the company is involved in virtually every facet of the energy industry. Chevron explores for, produces and transports crude oil and natural gas; refines, markets and distributes transportation fuels and lubricants; manufactures and sells petrochemicals and additives; generates power; and develops and deploys technologies that enhance business value in every aspect of the company's operations. Chevron is based in San Ramon, Calif. More information about Chevron is available at www.chevron.com.

Chevron is an Equal Opportunity / Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status, or other status protected by law or regulation.

Categories

Posted: 2020-02-10 Expires: 2020-03-11

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Analyst

Chevron
San Jose, CA 95123

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast