A secure Software Development Lifecycle (SDLC) analyst is responsible for the security related design, execution and testing of an application or service and the data it handles. The responsibilities encompass all phases of an application’s lifecycle, and include incorporation of the CNA’s processes and standards to minimize or eliminate risk to the company, the application or service, and the data.
The analyst will evaluate an application or service using architecture and design documents, code reviews, static testing, dynamic testing, company standards and industry guides and established best practices. When a vulnerability or risk is encountered the analyst will provide recommendations and select security controls to developer teams and stakeholders to minimize or eliminate the risk. The analyst will take what is learned and improve automation, CI/CD pipelines and standards to refine processes for all company apps and services.
You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest potential.
CNA seeks to offer a comprehensive and competitive benefits package to our employees that helps them — and their family members — achieve their physical, financial, emotional and social wellbeing goals.
For a detailed look at CNA’s benefits, check out our Candidate’s Guide.
Education & Experience
CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation, please contact email@example.com.