Vacancy caducado!
Application Security AnalystLocation PA, Malvern Department Information Technology Employment Type Full Time Have you ever used the self-checkout? Played the slots at a Casino? Maybe you grabbed a drink from a vending machine or paid to park your car? If you’ve answered with a resounding “YES”, then you’ve done so with the aid of one of the 10 million devices installed by Crane Payment Innovations (CPI).We make the technology that powers your everyday life, enabling more than 4 billion transactions every week in more than 143 currencies worldwide. From cash and coins to cards and mobile, we keep the world of payments moving with smart validation devices and business management software. Headquartered in Malvern, PA, CPI is supported by: >2,500 global associates, 7 manufacturing sites, 12 corporate offices and 43 service branches.WHAT YOU’LL BE DOING As an Application Security Analyst, you will be responsible for helping to ensure our products remain safe and secure. This position provides a critical independent overview of the security for our devices and applications. It is responsible for compliance with industry standards via gap analysis, penetration tests, scans, and physical audits of firmware developed for devices and applications related to CPI products and services.The Application Security Analyst will have a direct impact on our IT and Engineering groups, and will be responsible for:
CPI’s PCI (Payment Card Industry) Compliance.
Work with external agency to ensure CPI is in compliance and certified.
Provide consultation to business on PCI compliance requirements.
Ensure CPI products are designed, shipped, and maintained in accordance with the Device and Applications Security policies.
Work with engineering to ensure security measures are incorporated in the Policies and the Software Development Process (SDP) – monitor on on-going improvements.
Audit software/firmware releases for compliance to the standards and any vulnerabilities.
Milestone approvals for device and application security elements.
Manages product vulnerabilities and Open-Source software throughout the software development lifecycle.
Manages and runs code scanning tools in CPI DevSecOps pipelines. Audits existing field base; and any software updates (embedded, application, configuration) prior to release.
Management and support of CPI’s HSM Cryptographic infrastructure.
Create and manage PKIs for products.
Manage and administer Appsec API.
Continuous improvements of CPI’s security policies and processes
Regular document reviews.
Provide security training for Engineering and IT on an annual and as requested basis.
WHO WE’RE LOOKING FOR You will bring security process experience with well demonstrated success in software/firmware development.Qualifications and Requirements
Bachelor's degree in engineering, computer science or related field, or equivalent combination of education, training and experience
Minimum of 5 years of the following experience:
Knowledge of security vulnerability / penetration processes
Software or firmware development
Test engineering or technical audit experience desired
Knowledge of software development tools
Leadership and Coaching
Problem Solving
Additional experience – desired
PCI knowledge/experience
Technical knowledge of CPI products
Ability to travel up to 10%
Personal Attributes
Action Oriented: You display a sense of urgency and are known for being a timely decision maker.
Analytical Thinker: You need to have insight and enjoy solving problems.
Creative: You are innovative and resourceful.
Flexible: You are comfortable wearing many hats and able to shift priorities as needed.
Focused on Performance: You manage time and priorities effectively.
Comfortable with innovation: You have passion for continuous improvement and are always seeking a better way to do things.
Organized: You assemble all necessary materials and information before starting a task.
Quality written communication: Your writing is concise and descriptive, and you believe it is necessary to “overcommunicate” project status/updates.
WHAT WE’RE OFFERING
Flexible work environments
Defined career growth plans with opportunities to go outside of your “comfort zone”
“Team Building activities that support innovation”
Generous paid time off, including sick and holiday
Medical, dental, & vision insurance
401K with Company contribution
Flexible spending accounts
Life insurance and disability benefits
Discounts for childcare
Tuition assistance
Community involvement and volunteering events
Opportunities to travel and work at our global sites
Sound interesting? Come see why we are OneCPI!CPI is part of Crane NXT Crane NXT is a premier industrial technology company that provides proprietary and trusted technology solutions to secure, detect, and authenticate what matters most to its customers. The company is a pioneer in advanced, proprietary micro-optics technology for securing physical products, and its sophisticated electronic equipment and associated software leverages proprietary core capabilities with detection and sensing technologies. Crane NXT has approximately 4,000 employees with global operations and manufacturing facilities in the United States, the United Kingdom, Mexico, Japan, Switzerland, Germany, Sweden, and Malta. For more information, visit www.cranenxt.com.Crane Payment Innovations is committed to hiring a diverse workforce. Applicants will receive consideration without regard to race, color, religion, sex, gender identity, sexual orientation, age, disability, military status, or national origin or any other characteristic protected under federal, state, or applicable local law. #LI-TH1#LI-Hybrid#CPI
Vacancy caducado!