Overview
On Site
Full Time
Skills
Software Development Methodology
Information Technology
Workflow
Accountability
Management
Data Analysis
Software Security
Continuous Improvement
Documentation
Information Security
System Implementation
Leadership
Systems Analysis
Project Management
PASS
CISSP
CISM
GSEC
OSCP
GraphQL
OWASP
SCA
API
Vulnerability Management
Software Development
Continuous Integration
Continuous Delivery
IT Risk
IT Risk Management
ServiceNow
Dashboard
Reporting
Collaboration
Network
Taxes
Law
Security Management
Employment Authorization
Job Details
Job Description
The Senior Information Security Analyst - Application Protection will support enterprise efforts to secure APIs and provide support for secure software development lifecycle (S-SDLC) initiatives and operations.
Responsibilities
This is a full-time, remote position within the United States.
This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position. Also, Mayo Clinic DOES NOT participate in the F-1 STEM OPT extension program.
Qualifications
Master's degree in applicable field and 4 years' experience, or Bachelor's degree in applicable field and 5 years' experience. Pertinent fields of study and experience include (but is not limited to) the following: information security, operational analysis, process change, electronic systems implementation, leadership, systems analysis and project management with broad-based key enterprise initiatives. Must have one of the following certifications (or equivalent) at time of hire. In lieu of
certification at time of hire, candidate must pass the exam within three years and complete the certification process once years of service requirements of the certifying body have been met.
CISSP
CISM
HCISPP
GSEC
OSCP
Preferred Qualifications:
Strong understanding of API security concepts, including specifications (e.g., REST, GraphQL, OpenAPI), architectures, and common vulnerabilities (e.g., OWASP API Security Top 10), preferred.
Experience using and interpreting results from application and API security tools such as SAST, DAST, SCA, or API gateways.
Familiarity with vulnerability management processes, including triage, prioritization, and remediation tracking.
Working knowledge of secure software development practices and CI/CD pipeline integration points.
Ability to analyze and correlate data from multiple security tools to identify trends, coverage gaps, and areas for improvement.
Proven ability to communicate technical risk findings clearly to both technical and non-technical audiences.
Experience collaborating with development and infrastructure teams to drive remediation and enhance security practices.
Familiarity with automation and reporting through tools such as ServiceNow or custom dashboards.
About Us
Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.
Benefits Highlights
About the Team
Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.
Equal Opportunity
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.
The Senior Information Security Analyst - Application Protection will support enterprise efforts to secure APIs and provide support for secure software development lifecycle (S-SDLC) initiatives and operations.
Responsibilities
- Partner with Information Technology and development teams to ensure secure API design, implementation, and operation in alignment with organizational policies and standards.
- Review and analyze API and application vulnerability data; identify trends, assess risk, and provide reporting to support remediation and risk reduction efforts.
- Coordinate exception management workflows related to vulnerability and application protection policies to ensure effective remediation and accountability.
- Contribute to the design and implementation of a robust, repeatable, and measurable secure development lifecycle process in collaboration with IT and Security stakeholders.
- Support Application Security Posture Management (ASPM) through data analysis and reporting to improve application security visibility.
- Support the creation and continuous improvement of governance, metrics, and documentation that promote secure development best practices.
This is a full-time, remote position within the United States.
This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position. Also, Mayo Clinic DOES NOT participate in the F-1 STEM OPT extension program.
Qualifications
Master's degree in applicable field and 4 years' experience, or Bachelor's degree in applicable field and 5 years' experience. Pertinent fields of study and experience include (but is not limited to) the following: information security, operational analysis, process change, electronic systems implementation, leadership, systems analysis and project management with broad-based key enterprise initiatives. Must have one of the following certifications (or equivalent) at time of hire. In lieu of
certification at time of hire, candidate must pass the exam within three years and complete the certification process once years of service requirements of the certifying body have been met.
CISSP
CISM
HCISPP
GSEC
OSCP
Preferred Qualifications:
Strong understanding of API security concepts, including specifications (e.g., REST, GraphQL, OpenAPI), architectures, and common vulnerabilities (e.g., OWASP API Security Top 10), preferred.
Experience using and interpreting results from application and API security tools such as SAST, DAST, SCA, or API gateways.
Familiarity with vulnerability management processes, including triage, prioritization, and remediation tracking.
Working knowledge of secure software development practices and CI/CD pipeline integration points.
Ability to analyze and correlate data from multiple security tools to identify trends, coverage gaps, and areas for improvement.
Proven ability to communicate technical risk findings clearly to both technical and non-technical audiences.
Experience collaborating with development and infrastructure teams to drive remediation and enhance security practices.
Familiarity with automation and reporting through tools such as ServiceNow or custom dashboards.
About Us
Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.
Benefits Highlights
- Medical: Multiple plan options.
- Dental: Delta Dental or reimbursement account for flexible coverage.
- Vision: Affordable plan with national network.
- Pre-Tax Savings: HSA and FSAs for eligible expenses.
- Retirement: Competitive retirement package to secure your future.
About the Team
Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.
Equal Opportunity
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.