Jobs//Customer Success//

SAST/DAST Specialist

CNA
Sorry, this job was removed at 11:33 a.m. (CST) on Wednesday, November 17, 2021
View 208 Jobs
Find out who's hiring in Chicago.
See all Customer Success jobs in Chicago
View 208 Jobs
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job

Job Summary
Under technical direction the Static and Dynamic Application Security Testing (S/DAST) Specialist enhances the security of the internally developed source code and applications to identify and minimize security vulnerabilities and code weaknesses. This position is a key member of the Application Security Team (AppSec) which manages the Secure Development Life Cycle (SDLC) throughout CNA's Technology organization. This position works closely with project teams across the organization and support multi-faceted engagements spanning legacy and modern technologies.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:

  • Executes day-to-day responsibilities of testing enterprise applications for vulnerabilities both dynamically and statically.
  • Establishes vulnerability testing and scanning requirements with AppSec Leadership.
  • Supports enterprise policy and technical standards with specific regard to SDLC and secure configuration.
  • Partners with other Security and Technology professionals to support and enable strategies for enhanced developer experience.
  • Acts as a subject matter expert with the Enterprise Architecture and Infrastructure teams during engagements and project meetings.
  • Works with applications both on-premises and in the cloud.
  • Understands business requirements and work with them to define appropriate solutions for security objectives while meeting the business need.
  • Provides guidance technical expertise and support to team members regarding the SLDC framework and software composition analysis per CNA AppSec standard.
  • Participates and leads new projects as needed.


May perform additional duties as assigned.
Reporting Relationship
Typically Manager or above
Skills Knowledge & Abilities

  • Solid written and verbal communication skills with the ability to collaborate with peers Technology leadership and team members and internal and external business partners.
  • High performance skillset which not only understands the threat spaces as it relates to risks but also able to translate technical gaps to business risk when communicating with senior leaders and other key stakeholders.
  • Solid experience with application vulnerability scanning software composition analysis SDLC and programming. Highly skilled with application scanning tools such as Burp Suite Nessus or equivalent.
  • Demonstrated experience with a wide range of programming languages: Perl .Net Python database platforms (SQL NoSQL) etc. and with detecting and securing applications from vulnerabilities including the OWASP top 10.
  • Solid understanding of application-level security issues and risks. Experience with manual and automated composition analysis tools and techniques.
  • Comfort in a diverse technology environment spanning multiple operating systems and architectures.


Education & Experience

  • Bachelor's degree in Computer Science or related discipline or equivalent work experience.
  • Typically a minimum of four years' related work experience in Information Technology.
Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • SqlLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • Node.jsFrameworks
    • SpringFrameworks
    • AccessDatabases
    • DB2Databases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • SalesforceCRM
    • SendGridEmail
    • MarketoLead Gen

Location

Located in the heart of the loop, CNA’s headquarters are at 151 N Franklin. With close proximity to both L and Metra stations.

An Insider's view of CNA

How would you describe the company’s work-life balance?

Work-life balance has always been a priority for me. It always will be. CNA’s hybrid working model allows me to not only maximize collaboration with my peers but also take advantage of increased flexibility by combining remote and in-office work. I’m empowered to take control of my schedule based on what works best for me and my team.

Alison Massey

Agile Scrum Master Consultant

How does the company support your career growth?

Throughout my five-year career, I’ve seen CNA value creating thinking and continuous learning. My managers actively encourage me to pursue rewarding professional development opportunities. Those opportunities have had a direct impact on my career growth. At CNA, the opportunities are endless and your career aspirations matter.

Alaina Cole

Underwritting Specialist

What unique initiatives do you have that encourage innovation?

We have an Innovation program and team that designs processes to encourage creative thinking and capture ideas across CNA. In addition to collaborating with and learning from world-class technology partners, we also host events such as our Innovation Summit and Hackathon, which bring winning competition ideas to life in real products and services.

Keith Zhang

Architecture Consulting Director

What's the biggest problem your team is solving?

A primary focus of my team is reducing the time-to-market associated with machine learning models. By leveraging cutting-edge cloud services and streamlining processes, we’re enhancing the model development lifecycle. That enhancement allows us to use efficient, effective predictive analytics when making business decisions.

Ryan Gulden

Senior AI/ML Engineer

What are CNA Perks + Benefits

CNA Benefits Overview

One of the many advantages of working at CNA is the benefits program we offer you and your eligible dependents,
beginning on the first day of your employment. The program features a variety of plans that provide health care
benefits, well-being, disability and survivor protection, and 401(k) savings, among others. Below are highlights
of the offerings.

Culture
Volunteer in local community
Partners with nonprofits
Open door policy
OKR operational model
Open office floor plan
Flexible work schedule
Remote work program
Diversity
Dedicated diversity and inclusion staff
Diversity employee resource groups
Health Insurance + Wellness
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Wellness programs
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Charitable contribution matching
Child Care & Parental Leave
Generous parental leave
Family medical leave
Adoption Assistance
Vacation + Time Off
Generous PTO
Paid holidays
Paid sick days
Office Perks
Relocation assistance
Onsite gym
Professional Development
Job training & conferences
Tuition reimbursement
Lunch and learns
Online course subscriptions available
View full list of perks + benefits

More Jobs at CNA

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Save job
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about CNAFind similar jobs like this