Sr Cyber Security AnalystFederal Express Corporation • Nashville, Tennessee, United States
Sr Cyber Security Analyst
Federal Express Corporation
- Nashville, Tennessee, United States
- Nashville, Tennessee, United States
À propos
Essential Functions
Implements technologies deployed across application, network/perimeter, data, endpoint, identity & access, and mobility domains.
Researches attempted or successful efforts to compromise systems security and provides countermeasure recommendations.
Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Performs other duties as assigned.
Minimum Education Bachelor's degree in computer science, information systems, or related degree, and/or equivalent formal training or work experience.
Minimum Experience Four (4) years of experience in IT information security.
Knowledge, Skills, and Abilities General knowledge of hardware, software, and network.
Job Summary As a Senior Cyber Security Analyst, you will be a key technical contributor on a growing Product Security team. Working closely with the team manager and engineers, you will help shape security practices and drive the team's program maturity while serving as a hands‑on security practitioner embedded with our agile development teams. You will bring senior‑level technical judgment to secure the software development lifecycle and provide technical guidance and mentorship to teammates who are newer to product security. This role is well‑suited for an experienced engineer who thrives in a dynamic, evolving environment and is energized by contributing to a team that is actively building its foundation.
Key Responsibilities
Program Development:
Collaborate with the manager and team members to define and mature the Product Security program's long‑term strategy, processes, and roadmap.
Embedded Security Guidance:
Serve as a senior security resource for agile development teams. Lead sprint security discussions, drive security‑focused backlog grooming, and act as a trusted technical advisor to developers.
Secure Design & Code Review:
Independently lead security design reviews and secure code reviews for new features and architectures, identifying and remediating vulnerabilities including OWASP Top 10 and cloud‑specific risk patterns.
Threat Modeling:
Facilitate and lead threat modeling sessions, producing actionable threat models, risk documentation, and mitigation plans.
Security Tooling:
Own the evaluation, configuration, and continuous tuning of security tooling in the CI/CD pipeline (SAST, DAST, SCA); drive actionable remediation with engineering teams based on findings.
Vulnerability Management:
Own end‑to‑end vulnerability identification, triage, prioritization, and remediation tracking for assigned product teams.
Cloud Security:
Apply cloud security principles and best practices to support the organization's ongoing migration to public cloud like GCP, including secure architecture review, IAM, and workload protection guidance.
Mentorship & Technical Guidance:
Provide mentorship and technical guidance to team members, actively helping grow the team's collective capabilities.
Preferred Skills
Experience contributing to or maturing a security program within a large, complex organization.
Familiarity with GCP‑native security tooling relevant to the software supply chain and container security (e.g., Artifact Registry, Binary Authorization, Cloud Build).
Experience with cloud‑native architectures and their security considerations, including container security and Kubernetes (e.g., GKE).
Ability to identify and automate repetitive security tasks to improve team efficiency and scale security operations.
Relevant security certifications (e.g., CSSLP, GWEB, GWAPT, GPEN, or equivalent).
Familiarity with security requirements in a regulated or critical infrastructure industry.
5+ years of experience in technical engineering (software, security, or systems engineering).
3+ years of hands‑on experience in application security or product security.
Proficiency in at least one programming language (e.g., Python, Java, Go, C#) with the ability to read and review code for security vulnerabilities.
Deep familiarity with common vulnerability classes (OWASP Top 10, CWE Top 25) and a demonstrated ability to identify and guide remediation in a codebase.
Hands‑on experience with security tooling in a CI/CD pipeline (e.g., SAST, DAST, SCA).
Ability to work independently, exercise sound technical judgment, and deliver results in a fast‑paced, evolving environment.
Equal Employment Opportunity Federal Express Corporation is an Equal Opportunity Employer including, Vets/Disability.
Reasonable Accommodations Reasonable accommodations are available for qualified individuals with disabilities throughout the application process. Applicants who require reasonable accommodations in the application or hiring process should contact recruitmentsupport@fedex.com.
Applicants’ Rights
Know Your Rights
Pay Transparency
Family and Medical Leave Act (FMLA)
Employee Polygraph Protection Act
E‑Verify Program Federal Express Corporation participates in the Department of Homeland Security U.S. Citizenship and Immigration Services' E‑Verify program (For U.S. applicants and employees only).
E‑Verify Notice (bilingual)
Right to Work Notice (English)
Right to Work Notice (Spanish)
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.