Senior Information Security Analyst

Job Description

JOB SUMMARY:

Information Security is responsible for coordinating the protection of the organization’s core business operations and information against real-world cyber threats, by employing technology, policy, processes, education programs, and sound design techniques across the enterprise. To be effective, information security must be a team effort involving the participation and support of every Nasdaq worker who deals with information and information systems.

Where will you be working?

Nasdaq is critically dependent on information and information systems. The good reputation that Nasdaq enjoys is also directly linked with the way that it manages both information and information systems. For example, if private customer information were to be publicly disclosed, the organization’s reputation would be harmed.

Guidance, direction, and authority for information security activities are centralized for all Nasdaq organizational units in the Information Security department. Nasdaq information must be consistently protected in a manner commensurate with its sensitivity, value, and criticality.

What are your daily activities?

• You will be responsible for performing penetration testing of web applications, code, system architecture, and/or risk assessment reviews on enterprise systems along with providing specific recommendations for addressing identified vulnerabilities and risks.
• The position requires working  with development teams to review application security findings and to assist with the remediation efforts.
• This position requires that you have excellent interpersonal and team working skills. You will work in a high pressure, real time operating environment and need to have strong communication skills. The successful candidate is analytical and highly technical and a self-starter.

• 3 - 5 years IT security work experience, with at least 1 years’ experience in Application Penetration Testing/Code review or Design review.
• Bachelor’s Degree in Information Technology/Computer Science or equivalent work experience.
• Strong web application penetration testing experience.
• Understanding  of best-practice methodologies, OWASP, etc.
• Experience in vulnerability identification and remediation including source code review mitigation.
• Programming Code review experience (C#, ASP, Net, Java, PHP, other languages a plus such as C, C++, etc.).
• Middleware software experience: Oracle’s WebLogic, IBM’s WebSphere, Apache Tomcat.

Nasdaq offers a challenging, dynamic, multicultural work environment with a competitive salary, bonus and a comprehensive benefits package. Learn more about Nasdaq at:

-      Nasdaq Ignite your ambition: TECH, TRADE, INTEL, LIST

-       or go to www.business.nasdaq.com

Nasdaq (Nasdaq: NDAQ) is a leading provider of trading, clearing, exchange technology, listing, information and public company services across six continents. Through its diverse portfolio of solutions, Nasdaq enables customers to plan, optimize and execute their business vision with confidence, using proven technologies that provide transparency and insight for navigating today’s global capital markets. As the creator of the world’s first electronic stock market, its technology powers more than 70 marketplaces in 50 countries, and 1 in 10 of the world's securities transactions. Nasdaq is home to more than 3,500 listed companies with a market value of over $9.1 trillion and more than 10,000 corporate clients. To learn more, visit www.nasdaq.com/ambition or business.nasdaq.com.

NASDAQ is an equal opportunity employer. We positively encourage applications from suitably qualified and eligible candidates regardless of age, color, disability, national origin, ancestry, race, religion, gender, sexual orientation, gender identity and/or expression, veteran status, genetic information or any other status protected by applicable law.