Go Enterprise, contact us anytime: email, phone, or chat

  • Senior Application Security Analyst

    Credit Acceptance

    Perform application security assessments for new and existing applications. Excellent knowledge in application development and security analysis.

Description

Credit Acceptance is proud to be an award-winning company! Our history of excellence and growth has resulted in many exciting career opportunities. For the 7th year in a row, we have been named one of Fortune Magazine’s 100 Best Companies to Work For. Our team members have created a world-class culture that promotes a positive workplace and drives us to succeed, making us one of the largest used car finance companies nationally.

Our IT and Analytics Team Members utilize the latest technology to develop, monitor, and maintain complex practices that help optimize our success. Our Team Members value being challenged, are encouraged to express their ideas, and have the flexibility to enjoy work life balance. We build intrinsic value by partnering with all functions of our business to support their success and make strategic business decisions. We focus on professional development and continuous improvement while enjoying a casual work environment and Great Place to Work culture!

The Senior Application Security Analyst would be responsible for assisting team efforts to maintain and automate application security and DevOps tools and collaborate with development teams in identifying and building solutions to secure code. They will also be responsible for performing periodic risk assessments & reviews to assess security vulnerabilities & identify the best way to reduce information security risks. Analyze system changes to ensure compliance with established policies and identify policy and legal changes that will necessitate changes to internal systems.

Outcomes & Activities:

Perform application security assessments for new and existing applications

Document and report application vulnerabilities and suggest mitigations

Develop and manage a repeatable secure development process

Analyze industry security threats and develop strategies to detect and mitigate

Possess the ability to discuss and present technical solutions to all levels of the business

Competencies:

Business Domain: Understands Credit Acceptance’s business model, operations and business terminology.

Continuous Improvement/Innovation: Identifies, recommends and advocates for improvement opportunities for existing standards, policies and processes.

Value Assessment: Prioritizes and identifies more critical and less critical activities and tasks; adjusts priorities as appropriate.

Active Listening: Understands what is being said and the context in which it is being said.

Collaboration/Customer Focus: Treats everyone like a customer and collaborates with them to clarify and achieve objectives.

Verbal Communication: Speaks in a clear, concise, organized, and effective manner for the intended audience.

Written Communication: Writes in a clear, concise, organized, and effective manner for the intended audience.

Accountability/Ownership: Takes responsibility for delivering the work product.

Escalation: Recognizes areas of risk and escalates through the correct channels in a timely manner.

Time Management: Effectively manages time and resources to ensure that work is completed efficiently.

Critical Thinking: Understands complex information coming from different sources to evaluate, reconcile conflicts and determine the best possible outcomes.

Impact Analysis: Understands the rationale behind changes and how they impact the enterprise and/or applications and across the technical ecosystem.

Solution Design: Ability to translate high-level requirements to create and implement designs that are technically sound, maintainable, cost-effective and meet the needs of the customer.

Technical Domain: Has an understanding of the technical domain including application architecture, design and data.

Requirements:

Bachelor’s degree or equivalent in Computer Science, Information Technology or closely related field of study

Minimum of 5 years in a position in Information Technology

Minimum 3 years in Information Security

Strong knowledge of application security testing (SAST and DAST) and DevOps tools

Excellent knowledge in application development and security analysis

Hands-on experience with OWASP Top 10 standards, including mitigation of common threats like SQL Injection and Cross-Site Scripting

Familiarity with Sarbanes-Oxley, GLBA, ISO 27001, HIPAA

Experience with project management, and enterprise-level deployments & upgrades

Ability to lead development group discussions on vulnerability mitigation, good coding practices, and security risks

Participate in an on-call (24x7) rotation

Targeted Compensation: $82,500 - $110,000

Our Company Values:

To be successful in this role, Team Members need to demonstrate the characteristics of PRIDE in their work:

Positive: Maintain a positive attitude by focusing on solutions and promoting a collaborative and enjoyable environment.

Respectful: Value teamwork, share successes, appreciates others and communicates in a way that promotes trust.

Insightful: Make timely well considered decisions, create innovative solutions and continuously learn.

Direct: Communicate clearly and objectively; don’t be afraid of difficult conversations. Raise concerns through the proper channels.

Earnest: Be honest, sincere and consistent. Work hard and pursue our goals together relentlessly.

Expectations:

Work onsite at the assigned Credit Acceptance work location or territory

Remain compliant with our policies processes and legal guidelines

All other duties as assigned

Attendance as required by department

Interested?

Does this position align with your career goals? Do you meet the required qualifications? Do our PRIDE values resonate with you? Perfect! We want to hear from you.

Advice!

We understand that your career search may look different than others. Our hiring team wants to make sure that this would be a fit not just for us, but for you long term. If you are actively looking or starting to explore new opportunities, send us your application!

P.S.

We have great details around our stats, success, history and more. We’re proud of our culture and are happy to share why – let’s talk!

Required degrees must have been earned at institutions of Higher Education which are accredited by the Council for Higher Education Accreditation or equivalent.

Credit Acceptance is an equal opportunity employer.

California Residents: Please click here for the California Consumer Privacy Act (CCPA) notice regarding the personal information Credit Acceptance may collect from you.


Responsibilities

  • Perform application security assessments for new and existing applications
  • Document and report application vulnerabilities and suggest mitigations
  • Develop and manage a repeatable secure development process
  • Analyze industry security threats and develop strategies to detect and mitigate
  • Possess the ability to discuss and present technical solutions to all levels of the business

Details

  • Travel No travel
  • Incentives Bonus
  • Clearance & Citizenship U.S. Citizenship
  • Remote Work No remote work
  • Education Bachelors Degree
  • Salary Range 90-110K

Join NinjaJobs!

Registered users get the benefit of full listing views, searches, posting options and more!