Senior Information Security Systems Analyst - Remote

The Senior Information Security Analyst - Application Security will lead efforts to ensure the security of our applications by identifying and mitigating vulnerabilities, implementing robust security measures, and collaborating with development teams to integrate security into the software development lifecycle. In this role, you will be responsible for driving the adoption of secure coding practices and security tools by working with key technical and non-technical stakeholders to envision and help build secure solutions, thereby driving long-term application security.

This is a Remote position available in the United States.

Bright Horizons is trusted by families and employers around the world for high-quality child care and early education, back-up care, and workplace education. We partner with some of the world's best companies to provide services that help employees perform their best and support families to thrive both personally and professionally.

Responsibilities:

• Conduct security assessments and code reviews to identify vulnerabilities in applications.

• Develop and implement security policies, standards, and procedures for application security.

• Collaborate with development teams to integrate security best practices into the software development lifecycle.

• Perform threat modeling and risk assessments to identify potential security threats and vulnerabilities.

• Monitor and respond to security incidents and alerts related to applications.

• Stay up-to-date with the latest security trends, vulnerabilities, and technologies.

• Provide training and guidance to development teams on secure coding practices.

• Participate in security audits and compliance assessments.

• Develop and maintain security documentation, including security architecture diagrams and risk assessments.

• Work with third-party vendors to assess and manage application security risks.

• Works with Information Security team on client facing engagements and security awareness events.

• Able to travel to selected sites (1 or 2 trips per year)

• Work with Managed Security Service Providers for Security Monitoring, Application Security, etc.

• Provide expertise and support to management and business functional areas, as requested, when a business disruption occurs

• Ability to work in fast paced priority demanding environment

Qualifications:

• 3 to 5 years Information Security experience is Required

• Bachelor's Degree in Information Security, Cyber Security, InformationAssurance, Computer Science, Network Security or a related field is Required (3 years of additional relevant experience would be considered in lieu of applicable degree)

• Relevant certifications such as CISSP, CEH, GWAPT, and/or CSSLP is Preferred

• Strong understanding of application security principles, including OWASP Top Ten, SANS/CWE Top 25, and secure coding practices.

• Experience with security tools such as static and dynamic analysis tools, vulnerability scanners, and penetration testing tools.

• Knowledge of scripting and programming languages such as Java, C#, VB.NET, Python, and JavaScript.

• Familiarity with cloud security and DevSecOps practices.

• Excellent problem-solving and analytical skills.

• Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST).

• Advanced knowledge of network security and infrastructure security.

• Experience with container security and orchestration tools (e.g., Docker, Kubernetes).

• Ability to automate security processes and integrate security tools into CI/CD pipelines.

• At this time, Bright Horizons will not sponsor an applicant for employment authorization/visa for this position.