Integrated Technology Group (ITG) is seeking a Senior Security Analyst in (Amman \- Jordan). As a Senior Security Analyst, you’ll be the shield against software threats. Uncover risks, boost our defences, and collaborate with our teams. The Senior Security Analyst is responsible for conducting an in\-depth analysis of software code to identify and mitigate security vulnerabilities. Senior Security Analyst will work closely with development teams to ensure that applications are developed with strong security measures. **Responsibilities****:** ------------------------- * Conduct in\-depth security reviews of complex software code to identify and mitigate advanced vulnerabilities. * Assist in designing and implementing secure coding practices and architecture standards. * Conduct threat modelling exercises to identify potential security threats and vulnerabilities. * Evaluate and recommend security analysis tools to improve the efficiency and effectiveness of code reviews. * Ensure adherence to security standards, regulatory requirements, and industry best practices. * Lead security incident response activities and contribute to post\-incident analyses. * Prepare detailed reports on security findings, trends, and recommendations for management and stakeholders. Provide mentorship and guidance to junior security analysts on code analysis techniques and best practices. **Required Skills** ------------------- * ### **Technical:** * #### **Deep Understanding of Security Principles:** + Knowledge of fundamental security concepts, including confidentiality, integrity, availability, authentication, authorization, and non\-repudiation. + Familiarity with secure coding practices and principles. * #### **Proficiency in Security Tools:** + Experience with security tools for code analysis (e.g., static and dynamic analysis tools, SAST, and DAST tools). + Knowledge of penetration testing tools and methodologies. * #### **Programming and Scripting:** + Proficiency in multiple programming languages (e.g., Python, C\#, HTML, JavaScript, Flutter) to understand and review code. + Ability to write scripts to automate security checks and tests. * #### **Vulnerability Management:** + Expertise in identifying, assessing, and managing software applications and systems vulnerabilities. + Knowledge of common vulnerabilities (e.g., OWASP Top Ten) and how to mitigate them. * #### **Performance Analysis:** + Understanding of performance testing methodologies and tools. + Ability to identify performance bottlenecks in code and suggest optimizations. * ### **Analytical:** * #### **Threat Modeling:** + Ability to perform threat modelling to identify potential security threats and application vulnerabilities. + Knowledge of various threat modelling techniques and frameworks. * #### **Risk Assessment:** + Skills in conducting risk assessments to evaluate the impact and likelihood of security vulnerabilities. + Ability to prioritize security issues based on risk. * #### **Code Review:** + Expertise in conducting manual code reviews to identify security flaws and performance issues. + Familiarity with code review tools and techniques. * #### **Problem\-Solving:** + Strong problem\-solving skills to identify and address security and performance issues. + Ability to think critically and analytically to assess complex security scenarios. **Qualifications and Experience:** ---------------------------------- * Bachelor's degree in Computer Science, Information Security, or a related field. * Minimum three years of experience. * Certified Information Systems Security Professional (CISSP) is a plus. * Certified Ethical Hacker (CEH) is a plus. * Certified Information Security Manager (CISM) is a plus. Ready to secure the digital world? Let’s do it together! Embark on a rewarding IT career with ITG. Stay informed about our latest job openings by visiting our career page or following our LinkedIn. We can't wait to see the impact you'll make!