• JOB TYPE: Direct Hire Position (no agencies/C2C - see notes below)
• LOCATION: Remote - United States only
• SALARY: $135,000 – $155,000/yr
• ESTIMATED DURATION: 40hr/week - Long term

ABOUT US:

Braintrust is the only network that gives in-demand talent all the freedom of freelance with all the benefits, community, and stability of a full-time role. As the first decentralized talent network, our revolutionary Web3 model ensures the community that relies on Braintrust to find work are the same people who own and build it through the blockchain token, BTRST. So unlike other marketplaces that take 20% to 50% of talent earnings, Braintrust allows talent to keep 100% of earnings and to vote on key changes to improve the network. Braintrust is working to change the way freelance works – for good.

THE OPPORTUNITY

Requirements

***Comp based on experience. Open to mid-senior level and also junior.

***Excellent Bonus and Benefits on top of Comp

Overview

The primary role of the Application Security Analyst is to ensure the secure operation of the company applications and systems through testing, monitoring, and risk assessments. The Application Security Analyst will also maintain a strong understanding of current and emerging security technologies, threats, vulnerabilities, and industry best practices for recommending sound technical solutions as needed.

Required Qualifications

• Minimum 5 years of experience in a corporate network environment
• Possess two or more professional certifications in an Information Security / Cyber Security area. Preferred certifications include CISSP, CSSLP, GWEB, CASE, CASS, CISA, and CRISC.
• Demonstrable expertise in the field of information security and related frameworks such as, International Organization for Standardization (ISO) 27001, ITIL, COBIT, National Institute of Standards and Technology (NIST), CSI CSC 20 etc.
• Strong, hands-on technical knowledge of the Top 10 OWASP (Open Web Application Security Project) vulnerabilities and recommended best-practices for vulnerability remediation .
• Experience with static and dynamic vulnerability analysis using industry-leading scanning tools and manual code reviews (SonarQube, BurpSuite, Nessus, Rapid7, Metasploit, etc.)
• Comprehensive understanding of Internet standards and application protocols including TCP\IP, REST, SAML, HTTP/HTTPS, and modern application technologies.
• Deep understanding of Business-to-Business (B2B) information security infrastructure and approaches to include, OAUTH2 / OIDC, Single Sign On (SSO), Adaptive Access, Access Policy Management, Access Event Logging and Audit, Authorization Control, Session Management
• Solid understanding of data privacy practices, laws, and regulatory requirements such as (FFIEC, SOX, GLBA, PCI-DSS, NYDFS, etc.).
• Able to conduct in-depth research into security issues and solutions as required, including risk assessments with threat and vulnerability analysis.
• Virtualized hosting, integration, and deployment experience for application development (GitHub, AWS, Azure, DevOps, Jenkins, Heroku, SalesForce, etc.)
• Strong interpersonal, written, and oral communication skills Highly self-motivated and directed, with keen attention to detail. Proven analytical and problem-solving abilities.
• Able to effectively prioritize tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Ability to work after hours and on weekends as necessary.
• Provide effective technical and administrative security control recommendations to non-security staff, vendors, and contractors.

What You Can Expect From PWB

The final salary is to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with geographic/market data.

PWB is pleased to offer additional benefits to support our employee’s physical, emotional and financial health.

Benefits include medical, dental, vision, 401(k), life and disability insurance, parental leave, mental health support, wellness incentives, legal assistance, tuition reimbursement, paid time off, company holidays, incentive programs, as well as other fringe benefits.

Apply Now!

ABOUT THE HIRING PROCESS:

Qualified candidates will be invited to do a screening interview with the Braintrust staff. We will answer your questions about the project, and our platform. If we determine it is the right fit for both parties, we'll invite you to join the platform and create a profile to apply directly for this project.

C2C Candidates: This role is not available to C2C candidates working with an agency. But if you are a professional contractor who has created an LLC/corp around your consulting practice, this is well aligned with Braintrust and we’d welcome your application.

Braintrust values the multitude of talents and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.