[Remote] Sr Cyber Security Analyst
Note: The job is a remote job and is open to candidates in USA. Federal Express Corporation is seeking a Senior Cyber Security Analyst to join their Product Security team. In this role, you will create cyber-intelligence solutions to prevent attacks and provide security guidance while collaborating with agile development teams to mature the security program.ResponsibilitiesCollaborate with the manager and team members to define and mature the Product Security program's long-term strategy, processes, and roadmapServe as a senior security resource for agile development teams. Lead sprint security discussions, drive security-focused backlog grooming, and act as a trusted technical advisor to developersIndependently lead security design reviews and secure code reviews for new features and architectures, identifying and remediating vulnerabilities including OWASP Top 10 and cloud-specific risk patternsFacilitate and lead threat modeling sessions, producing actionable threat models, risk documentation, and mitigation plansOwn the evaluation, configuration, and continuous tuning of security tooling in the CI/CD pipeline (SAST, DAST, SCA); drive actionable remediation with engineering teams based on findingsOwn end-to-end vulnerability identification, triage, prioritization, and remediation tracking for assigned product teamsApply cloud security principles and best practices to support the organization's ongoing migration to public cloud like GCP, including secure architecture review, IAM, and workload protection guidanceProvide mentorship and technical guidance to team members, actively helping grow the team's collective capabilitiesSkillsBachelor's degree in computer science, information systems, or related degree, and/or equivalent formal training or work experienceFour (4) years of experience in IT information securityGeneral knowledge of hardware, software, and networkAbility to work independently, exercise sound technical judgment, and deliver results in a fast-paced, evolving environmentExperience contributing to or maturing a security program within a large, complex organizationFamiliarity with GCP-native security tooling relevant to the software supply chain and container security (e.g., Artifact Registry, Binary Authorization, Cloud Build)Experience with cloud-native architectures and their security considerations, including container security and Kubernetes (e.g., GKE)Ability to identify and automate repetitive security tasks to improve team efficiency and scale security operationsRelevant security certifications (e.g., CSSLP, GWEB, GWAPT, GPEN, or equivalent)Familiarity with security requirements in a regulated or critical infrastructure industry5+ years of experience in technical engineering (software, security, or systems engineering)3+ years of hands-on experience in application security or product securityProficiency in at least one programming language (e.g., Python, Java, Go, C#) with the ability to read and review code for security vulnerabilitiesDeep familiarity with common vulnerability classes (OWASP Top 10, CWE Top 25) and a demonstrated ability to identify and guide remediation in a codebaseHands-on experience with security tooling in a CI/CD pipeline (e.g., SAST, DAST, SCA)BenefitsAn employee may be eligible for additional pay, premiums, or bonus potential.The Company offers eligible employees health, vision, and dental insurance, retirement plans, and tuition reimbursementReasonable accommodations are available for qualified individuals with disabilities throughout the application process.Company OverviewWe began our company by creating the world's next big thing from the ground up - and we've never slowed down, never stopped innovating, never stopped inventing. It was founded in undefined, and is headquartered in , with a workforce of 10001+ employees. Its website is https://careers.fedex.com/?utm_domicile=unspecified&utm_persona=unspecified&utm_trackedsource=srm_linkedin_company&utm_subco=FEC.