Job Description

Costco Remote

Job Responsibilities: Application Security Analyst

Salary: $20-30/Hour

Company: Costco

Location: Seattle, USA

Educational Requirements: Bachelor Degree

Full Job Description : 

Costco IT is answerable for the specialized eventual fate of Costco Discount, the third biggest retailer on the planet with discount activities in fourteen nations. Notwithstanding our size and unstable global development, we keep on giving a family, representative driven climate in which our workers flourish and succeed. As verification, Costco positions seventh in Forbes “World’s Best Managers”.

Security Experts support the qualities and business objectives as they connect with legitimate, moral, and administrative commitments; safeguard protection; and keep a solid innovation climate. Security Examiners create and execute security controls, guards, and countermeasures to block and forestall interior/outer assaults, penetration of organization information, and compromising of frameworks and records. Security Investigators research endeavored/effective endeavors to think twice about security; plan countermeasures; carry out and keep up with physical, specialized, and authoritative security controls; and give data to the executives in regards to the adverse consequence to the business.

This Application Security Investigator position performs design, investigating, checking, and reviewing of data framework exercises using different application security testing instruments to guarantee security best practices are upheld; makes and keeps up with documentation connected with arrangements, guidelines, and techniques; coaches colleagues; and offers consultative types of assistance to groups and partners to further develop application security inside their surroundings. Furthermore, the Security Investigator position is supposed to work with providers for item thought and suggestion.

Fundamentally, this Security Expert ought to have inside and out working experience and information on application explicit testing approaches and weaknesses. An effective competitor ought to likewise have strong abilities in Windows, cloud, and have top to bottom information and work insight with industry perceived security best practices.

If you have any desire to be a piece of one of the overall BEST organizations “to work for”, just apply and allow your vocation to be rethought.

Job
Works logically to take care of both strategic and key issues inside the Application Security program.
Gathers and totals data from a wide assortment of sources and configurations for significance to our current circumstance; screens and gives measurements on danger level of weaknesses.
Upholds the execution, design, and the executives of use security instruments.
Gives suggestions on remediation cycles and direction on the most proficient method to fix application explicit weaknesses.
Onboards new and existing applications and destinations in application security tooling stages; and works with static and dynamic testing through either mechanized or manual testing processes all through the SDLC.
Lays out compatibility and accomplices with other IS groups to develop the Application Security program.
Contributes and partakes in group exercises and arranging with respect to further developing group abilities, mindfulness, correspondence, notoriety, and nature of work.
Works with advancement groups to coordinate application security rehearses into CI/Disc pipelines.
Teams up and discusses really with Consistence, Inside Review, Business groups, and others to distinguish, break down, and impart risk in regards to application security to help business necessities.
Answers tickets, support solicitations, and episodes in a proactive way.
Organizes with the Episode Reaction group to remediate security occurrences depending on the situation.
Comprehends administrative and consistence prerequisites that might influence security and actually teams up with business regions and undertaking groups to foster security arrangements.
Comprehends security issues as the need might arise.
Advocates inside and remotely for consistence and safety efforts to safeguard undertaking applications and conditions.
Works with data frameworks proprietors and overseers to comprehend their security needs and helps with carrying out practices and methods predictable with Costco’s security approaches.
Constructs and keeps up with provider organizations to additional Costco’s central goal and objectives.
Keeps up with current information on industry patterns and guidelines.
Makes and keeps up with refreshed natural documentation (counting cycles and strategies), errands, change records, and so on.
Proceeds with proficient development in the space of innovation, business information, and Costco approaches and stages.
REQUIRED
Working information on application security testing techniques, like SAST, DAST, Pole, and SCA.
Involved insight with static as well as unique code examining and ensuing remediations.
Working information on weakness the executives processes.

Knowledge of industry perceived Chance Rating Strategies.
Knowledge of Lithe improvement ideas and strategies, like Scrum or Kanban.
Phenomenal comprehension of SDLC and DevOps ideas, like CI/Compact disc pipelines.
Information on Sky blue distributed computing and cloud administrations.
Information on complex application stages, like the Java EE and .NET stage.
Knowledge of programming dialects and Web Administration advancements (ex. Cleanser, REST, GraphQL, and so on.).

Experience with Windows, Linux, and systems administration conditions.
Working information on data frameworks’ security guidelines/rehearses (e.g., access control and framework solidifying, framework review and log document observing, security approaches, and episode taking care of).
Capacity to plainly convey Data Security matters to chiefs, evaluators, end clients, and designers, utilizing suitable language, models, and tone.
Capacities to decipher and introduce weakness tracking down depictions and answers for specialized and non-specialized clients.
Capacity to rapidly comprehend frameworks to distinguish and approve security prerequisites.
Shown consistent and organized way to deal with using time productively and task prioritization in supporting group objectives.
Exhibited elevated degree of relational abilities, both verbal and composed.
Solid scientific abilities, documentation abilities, and consciousness of progress the executives.
Capacity to embrace and support group cooperation and correspondence; solid cooperative outlook, ready to work as a contributing individual from the group.
Capacity to adjust to evolving needs.
Experience dealing with profoundly classified and touchy data in a stringently proficient way.
Booking adaptability to address the issues of the business, including beyond ordinary business hours; potentially every minute of every day to oblige all Costco areas.
Suggested
Experience with at least one prearranging/programming dialects.
Experience with fix and weakness the board.
Comprehension of data security systems and how they improve security and backing consistence, like NIST.
Programming experience including manual code audits.
Experience with application improvement stages, including Sky blue DevOps, GitHub, Jenkins, and SonarQube.
Experience in endpoint assurance devices is useful.
Proficient with multifaceted validation and confirmation cycles and conventions. Verification administrations, as well as PKI and token/testament based confirmation, DNS, and Promotion structure

While the specific rules and responsibilities of companies in the United States can vary depending on factors such as industry, size, and location, there are some common rules and responsibilities that many companies adhere to. Here are a few examples:

Compliance with labor laws: Companies in the United States are required to comply with various labor laws, such as the Fair Labor Standards Act (FLSA), which establishes minimum wage, overtime pay, and child labor standards. They must also adhere to laws related to workplace safety and health, including the Occupational Safety and Health Act (OSHA).
Equal employment opportunity: Companies are expected to provide equal employment opportunities to all individuals, regardless of their race, color, religion, sex, national origin, age, disability, or genetic information. This includes complying with laws such as Title VII of the Civil Rights Act of 1964 and the Americans with Disabilities Act (ADA).
Payroll and tax obligations: Companies are responsible for properly handling payroll, including calculating and withholding taxes from employees’ wages, and submitting the required tax payments to federal, state, and local tax authorities. They must also provide employees with necessary tax forms, such as W-2s.
Workplace safety and security: Companies must provide a safe and secure work environment for their employees. This includes implementing safety protocols, providing necessary safety training, maintaining equipment and facilities, and addressing potential hazards.
Non-discrimination and harassment policies: Many companies have policies in place to prevent discrimination and harassment in the workplace. These policies often include procedures for reporting and addressing complaints, as well as consequences for violators.
Privacy and data protection: Companies are expected to handle the personal and sensitive information of their employees and customers responsibly. This may involve implementing measures to protect data privacy, complying with applicable data protection laws, and informing individuals about the collection, use, and storage of their personal information.
Ethical conduct and corporate social responsibility: Companies are encouraged to conduct their business ethically and responsibly. This may include promoting fair trade practices, adhering to environmental regulations, supporting social causes, and practicing transparency in their operations.
Costco Remote