Senior Security Analyst

Job Locations US-TX-Corp - Westlake
FLSA Status
Regular Full-Time


This is a key role in the US Information Security team, under the guidance of the Director of Security. The Sr. Application Security Analyst will manage, design, monitor and administer external/internal security services and programs and ensure the security posture of Solera as it pertains to application security.


The Security Application Analyst will work with project teams and resources to ensure that security is a healthy component of the SDLC process thus ensuring our systems, products and services are designed, built, deployed and upgraded to safeguard our information and client's information. They will be responsible for and not limited to the management of an application scanning program, central WAF monitoring, static and dynamic code scanning programs and working closely with DEV to remediate vulnerabilities discovered.


The Security Analyst will also consult on key security initiatives with support from technology groups, human resources, facilities management, regional operations and other areas.

Position 80s

Key 80’s:

  • Engages stakeholders in managing the Application Security Program and ensure that all tasks of the function are achieved in a timely manner.
  • Work with development teams to implement static & dynamic code scanning
  • Work with development teams to implement security checkpoints into the SDLC
  • Define Secure coding standards
  • Perform application source code analysis to track and work with development to remediate vulnerabilities
  • Manage web application penetration testing
  • Provide analysis and guidance regarding threats, vulnerabilities, and privacy and security incidents
  • Analyze proposed solutions architecture, technology, design and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes.
  • Participate in, or lead testing, evaluation, upgrade and implementation of new and existing security applications to address emerging threats and vulnerabilities.


Key 20’s:

  • Ensure the Information Security policies are aligned with COBIT and  ISO 27001 standards. .
  • Participate in Change Management, Problem Management, Configuration Management, and Inventory Management activities as necessary.
  • Coordinate the addressing of and providing regular status on all IT audit reports.
  • Review IT Audit reports and recommend the mitigation of security exposures identified.
  • Advise on information security issues and problems as an information security subject-matter-expert.
  • Facilitate the development of technology and process based solutions of security issues.
  • Research and assist in the development of information security standards based on COBIT and ISO 27001 standards.
  • Carry out research on information security threats and keep abreast of the latest technology, practices and industry best practices.
  • Collaborate with the Infrastructure and Global Security team in developing and deploying the strategy for Enterprise Security Framework.
  • Develop and maintain the information security dashboard based on metrics and Key Performance Indicators.
  • Act as a liaison and subject matter expert on security related projects.
  • Interface regularly with security experts in the industry and with information security vendors.
  • Researches complex information security issues for resolution using information from popular industry tools like log aggregators, SIEMs, server and email logs.
  • Lead the preparations of presentations and summaries on information security management topics.
  • Participates in other specialized information security, risk, and privacy related tasks.
  • Prepares regular status reports
  • Other security related duties as assigned


  • A university degree in computer science or a degree in business with a minor in computer science, or at least 10 years of appropriate professional security experience.
  • Knowledge of technology architecture practice and principles – including an understanding of the relationship between the Technology, Application and Information Architecture domains
  • CISSP, CISM or GIAC certification preferred.
  • A minimum of 5 years broad experience across all IT Security Domains.
  • Managing Information Security related projects across large and complex organizations.
  • Demonstrated success working autonomously and without detailed direction.Experience implementing security controls over multiple security domains in line with the ISO 27001.
  • Experience in implementing IT controls around a number of regulatory/legislative objectives.
  • Familiarity with IT Security COTS tools.
  • Proven record of effective communication with Management, Internal Auditors and External Auditors.
  • Experience in writing Information Security related documentation.
  • Ability to work independently and manage multiple priorities
  • Excellent written and oral communication skills. Be able to write professional reports and presentations.
  • Exceptional interpersonal skills including effective communication, teamwork, facilitation and negotiation.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed