BXTI - Cybersecurity, AppSec Analyst, Associate at The Blackstone Group LP in Miami, FL
Your Role:
Blackstone's Application & Cloud Security (AppSec) Team is responsible for empowering 250
builders to set and meet security goals by identifying and managing software risks while balancing security with agility. You will join an ambitious and talented team of security engineers that are responsible for evolving how Blackstone does security as it continues to move to modern and next-generation architectures. The AppSec team partners with Developers to build secure services, and with Engineers to build security into foundational platforms that developers build on. Together, we also empower members of the broader Cybersecurity team to take on their responsibilities within these new patterns.
Responsibilities:
o Enable product owners to set security objectives that tie back to unique business requirements, not just industry standards or best practices. o Build efficient, resilient and well-documented systems so the team can focus on the next challenge instead of operational overhead. o Assess the risk of web and RESTful applications deployed on cloud platforms through threat modelling, building attack trees and occasionally penetration testing. o Communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security. o Partner with Developer teams to meet security objectives through training and integrating vendors or build your own solutions into software development processes. o Establish polices & standards to guide builders to meet security requirements. Essential Requirements:
o Experience in at least one software language, ideally Python but others are acceptable. o Experience implementing Application security tooling such as static analysis (SAST, dynamic analysis (DAST), software component analysis tools (SCA), and/or web application firewalls (WAF) o Ability to perform secure code reviews and white box application penetration tests to find complicated business logic flaws. o Knowledge of software, cloud infrastructure, and systems hardening standards. o Experience with CI/CD tools and concepts to embed security into DevOps pipelines (DevSecOps). o Experience with AWS and essentials services such as IAM, CloudTrail, EC2, S3, DynamoDB, Lambda, Config and GuardDuty o Has managed their work using agile methodologies including sprints and story estimation. o Has a passion for excellence and growth - challenges the current state with opinions grounded in principles and experience, not just best practices. o Able to take-on challenges and propose solutions with minimal guidance. o Knowledge of TCP/IP, HTTP, RESTful APIs and experience securing service-oriented, asynchronous, and distributed application architectures
Salary Range:
$80K -- $100K
Minimum Qualification
Software Development, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
Blackstone's Application & Cloud Security (AppSec) Team is responsible for empowering 250
builders to set and meet security goals by identifying and managing software risks while balancing security with agility. You will join an ambitious and talented team of security engineers that are responsible for evolving how Blackstone does security as it continues to move to modern and next-generation architectures. The AppSec team partners with Developers to build secure services, and with Engineers to build security into foundational platforms that developers build on. Together, we also empower members of the broader Cybersecurity team to take on their responsibilities within these new patterns.
Responsibilities:
o Enable product owners to set security objectives that tie back to unique business requirements, not just industry standards or best practices. o Build efficient, resilient and well-documented systems so the team can focus on the next challenge instead of operational overhead. o Assess the risk of web and RESTful applications deployed on cloud platforms through threat modelling, building attack trees and occasionally penetration testing. o Communicate software vulnerabilities and mitigation options to stakeholders that balance business agility with security. o Partner with Developer teams to meet security objectives through training and integrating vendors or build your own solutions into software development processes. o Establish polices & standards to guide builders to meet security requirements. Essential Requirements:
o Experience in at least one software language, ideally Python but others are acceptable. o Experience implementing Application security tooling such as static analysis (SAST, dynamic analysis (DAST), software component analysis tools (SCA), and/or web application firewalls (WAF) o Ability to perform secure code reviews and white box application penetration tests to find complicated business logic flaws. o Knowledge of software, cloud infrastructure, and systems hardening standards. o Experience with CI/CD tools and concepts to embed security into DevOps pipelines (DevSecOps). o Experience with AWS and essentials services such as IAM, CloudTrail, EC2, S3, DynamoDB, Lambda, Config and GuardDuty o Has managed their work using agile methodologies including sprints and story estimation. o Has a passion for excellence and growth - challenges the current state with opinions grounded in principles and experience, not just best practices. o Able to take-on challenges and propose solutions with minimal guidance. o Knowledge of TCP/IP, HTTP, RESTful APIs and experience securing service-oriented, asynchronous, and distributed application architectures
Salary Range:
$80K -- $100K
Minimum Qualification
Software Development, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
