Job Summary

Darling Ingredients seeks a Cyber Application Security Analyst with an analytical mind and a detailed understanding of cyber security methodologies. Application Security Analysts are expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure and deliver on tight deadlines.

As an Application Security Analysts, you will be responsible for taking the "assume breach" model of security and transforming it into "active defenses". In short, your role is to find the adversary by assuming they are already in and then try to prove it. Your role includes thinking outside of the box and to tune application security defenses and counter measures to give early warning of adversarial tactics happening inside security layers. Applicants must possess in-depth knowledge of vulnerability & risk remediation, application and development security best practices, forensics, malware, and cyber industry controls.

Essential Duties/Responsibilities

Nothing in this job description restricts management's right to assign or reassign duties at any time.

• You will work with developers and IT Infrastructure Operations to find the software, code, integrations and SaaS vulnerabilities and risk
• Participates in security architecture planning for both on-premises and cloud-based solutions to include new innovations and technologies such as artificial intelligence and machine learning
• Provides expert advice to development teams and acts as an Information Security subject matter expert on product development matters
• Provide application support for red team threat testing and risk assessments for software, services, vendor/3rd party products and M&A activities
• Works with product & development managers for the assessment and prioritization of security related tasks after an assessment
• Participates in the CIRT response team as needed related to code-level software vulnerabilities or adversary activities/IOCs
• Ensure appropriate defenses and countermeasures are in place for each phase of the software development lifecycle, third-parties, developer tools, and services
• Improves the adoption of security best practices through standards such as CIS
• Detect and help tune tools to detect patterns/anomalies within client environments that match tactics, techniques or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors
• Continuous application focused threat hunts & analysis including staying up to date on emerging threats, industry issues and trends, and the global information security landscape
• Enforces security policy and assists in architecture collaboration within IT and throughout the organization to assess organizational information security risks and identify paths forward in mitigating or remediating those risks
• Participates in security assessments, purple team exercises and incident response
• Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify IOCs
• All other duties as assigned by management

Minimum Qualifications

• High School Diploma or GED equivalent required
• 2+ years of experience as a Software Security Engineer or similar role
• Software development experience in one of the following core languages or similar: C#.NET, JavaScript, Python, C++

Preferred Qualifications

• Bachelor's Degree in related field preferred
• Familiarity with OWASP and CWE guidelines
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
• Working knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols
• SIEM/SOAR experience is preferred
• Working knowledge and experience in leading artificial intelligence and machine learning iniatives within a large enterprise
• Ability to work under pressure in a fast-paced environment.
• Strong attention to detail with an analytical mind and outstanding problem-solving skills
• Self-motivated and communicates well with both technical and non-technical audiences
• Passion for cybersecurity and strong interpersonal and collaborative skills, with the ability to work in a team environment
• Great awareness of cybersecurity trends and hacking techniques.
• Advanced training on anomaly detection; tool-specific training for data aggregation, analysis, and threat intelligence
• Certifications are a plus:

• Certified Information Systems Security Specialist (CISSP)
• GIAC Certified Web Application Defender (GWEB)

Physical Demands

• Frequently required to walk, stand, sit, climb, balance, stoop, kneel, crawl, and crouch
• Occasionally lifts to 40 lbs
• Regularly required reach with hands and arms
• Occasional overnight travel by personal vehicle or airplane - 10% or less

Work Environment

Job functions will be carried out in an office environment

Darling Ingredients is an equal opportunity employer and gives consideration to qualified applicants without regard to race, age, color, religion, sex, national origin, sexual orientation, gender identity, disability, or, protected veteran status. EEO is the Law: If you would like more information, please click on the link or paste into your browser: https://www.eeoc.gov/employers/eeo-law-poster