OneMain Financial Jobs

OverviewWere looking for a Senior Cyber System Analyst to join our Application Security Team within Information Security Operations. You will play a hands-on role in our Vulnerability Management program, by administering security scanning tools and supporting development teams in identifying and remediating security findings. DAST/SAST Tool Administration Analyst will assist in configuring, maintaining, and troubleshooting security scanning tools. Analyst will also support phased integration of DAST tool into deployment pipelines and help maintain scanning schedules and tool documentation Vulnerability Triage and Remediation trackingAnalyst will review and validate security findings from tools and collaborating with stakeholders to achieve remediation. Analyst will assist in preparing vulnerability metrics and status reports on progress. ResponsibilitiesCore Responsibilities * Lead vulnerability management response efforts and events for applications * Continuously build and implement improvements to application security workflows and processes, including vulnerability scanning, assessment, prioritization, and tracking/remediation * Develop new and update existing application vulnerability management policies, procedures, runbooks, and other documentation * Configure and run application testing of applications using industry-standard tools * Coordinate with application teams on scanning and application security practices, providing governance, oversight, and technical expertise * Remain up to date on cybersecurity news and emerging vulnerabilities * Assess and prioritize vulnerabilities for impact and cyber risk * Communicate vulnerability statuses and associated risk to stakeholders and leadership * Coordinate with stakeholders to remediate vulnerabilities timely, providing technical expertise and support as needed * Ensure proper escalation and communication of critical vulnerabilities or other issues to leadership in a timely fashion * Keep abreast of current developments in application security and vulnerability management and propose recommendations to mitigate risk * Perform validation that vulnerabilities have been remediated/mitigated, working with other teams as required * Collect, analyze, create dashboards, and report on vulnerability metrics * Continuously learn, improve, and hone your skills to deliver advanced assessments * Present to executive-level stakeholders * Conduct presentations and education efforts on application security/vulnerability management and best practices * Serve as a technical SME for more junior members of the vulnerability management teamQualificationsRequired Education/Experience * Master's Degree and 2 years of cybersecurity, application development, or other related IT experience or * Bachelor's Degree and 3 years of cybersecurity, application development, or other related IT experience or * High School Diploma/GED and 6 years of cybersecurity, application development, or other related IT experience.Preferred Education/Experience * Bachelor's Degree Computer Science, Cybersecurity, or similar field and 3 years of experience.Relevant Work Experience * Previous IT or cybersecurity experience, required. * Knowledge of cybersecurity tools, required. * Understanding of industry standard policies, processes, and procedures covering incident, problem, and change management, required. * Understanding of OWASP Top 10, required. * Proficiency in reading and understanding code across common web languages and frameworks (JS,C#, Angular, .NET), preferred. * Familiarity with secure coding practices and proficiency in triaging vulnerabilities to understand impact, preferred. * Previous experience in application scanning and vulnerability management, including configuring and using DAST and SAST scanning technologies and performing vulnerability risk assessments/prioritization, preferred. * Familiarity