Applications Security Analyst

GENERAL DESCRIPTION

Performs professional and technical work involving the analysis, assessment, and coordination of application security activities for County systems and business applications. Conducts security reviews of applications, databases, interfaces, file shares, cloud and SaaS platforms, and related systems to identify vulnerabilities, access control weaknesses, insecure configurations, and data exposure risks. Utilizes approved vulnerability assessment and security analysis tools to identify, validate, document, and track security issues affecting applications and supporting systems. Works with application owners, technical staff, business units, and vendors to support remediation planning, implementation of corrective actions, mitigation strategies, and documentation of approved exceptions. Assists in the development and maintenance of procedures, standards, and documentation related to application security, vulnerability management, and access governance. Prepares findings summaries, reports, and recommendations for technical staff, business users, management, and leadership. Assigned systems may include one or more major systems supporting multiple business units and/or several smaller systems with cross-system integration requirements. Assigned security tasks cover a diverse range of on-premise and cloud-based enterprise systems, spanning departments such as Finance, Public Safety, General Services, etc. Work may include securing in-house processes and software within Windows, SQL, and web-based environments. Work is performed under the general direction of designated Information Technology leadership.

ESSENTIAL JOB FUNCTIONS

~ Conducts security assessments of assigned applications, databases, interfaces, file shares, collaboration platforms, cloud services, SaaS platforms, and related systems to identify vulnerabilities, access control weaknesses, insecure configurations, and data exposure risks.
~ Documents security findings, risk observations, technical conditions, business impact, and recommended corrective actions in accordance with established procedures and standards.
~ Utilizes approved vulnerability assessment, scanning, and security analysis tools to identify, validate, document, and prioritize security findings affecting applications and supporting systems.
~ Reviews user, group, shared, service, and administrative access to assigned systems and applications to identify excessive privileges, inappropriate access, dormant accounts, and opportunities to improve least-privilege enforcement.
~ Works with application owners, infrastructure staff, database administrators, business units, vendors, and