[Remote] Sr Cyber Security Analyst
Note The job is a remote job and is open to candidates in USA. Federal Express Corporation is seeking a Senior Cyber Security Analyst to join their Product Security team. In this role, you will create cyber-intelligence solutions to prevent attacks and provide security guidance while collaborating with agile development teams to mature the security program.
Responsibilities
Collaborate with the manager and team members to define and mature the Product Security program's long-term strategy, processes, and roadmap Serve as a senior security resource for agile development teams. Lead sprint security discussions, drive security-focused backlog grooming, and act as a trusted technical advisor to developers Independently lead security design reviews and secure code reviews for new features and architectures, identifying and remediating vulnerabilities including OWASP Top 10 and cloud-specific risk patterns Facilitate and lead threat modeling sessions, producing actionable threat models, risk documentation, and mitigation plans Own the evaluation, configuration, and continuous tuning of security tooling in the CI/CD pipeline (SAST, DAST, SCA); drive actionable remediation with engineering teams based on findings Own end-to-end vulnerability identification, triage, prioritization, and remediation tracking for assigned product teams Apply cloud security principles and best practices to support the organization's ongoing migration to public cloud like GCP, including secure architecture review, IAM, and workload protection guidance Provide mentorship and technical guidance to team members, actively helping grow the team's collective capabilities Skills Bachelor's degree in computer science, information systems, or related degree, and/or equivalent formal training or work experience Four (4) years of experience in IT information security General knowledge of hardware, software, and network Ability to work independently, exercise sound technical judgment, and deliver results in a fast-paced, evolving environment Experience contributing to or maturing a security program within a large, complex organization Familiarity with GCP-native security tooling relevant to the software supply chain and container security (e.g., Artifact Registry, Binary Authorization, Cloud Build) Experience with cloud-native architectures and their security considerations, including container security and Kubernetes (e.g., GKE) Ability to identify and automate repetitive security tasks to improve team efficiency and scale security operations Relevant security certifications (e.g., CSSLP, GWEB, GWAPT, GPEN, or equivalent) Familiarity with security requirements in a regulated or critical infrastructure industry 5+ years of experience in technical engineering (software, security, or systems engineering) 3+ years of hands-on experience in application security or product security Proficiency in at least one programming language (e.g., Python, Java, Go, C#) with the ability to read and review code for security vulnerabilities Deep familiarity with common vulnerability classes (OWASP Top 10, CWE Top 25) and a demonstrated ability to identify and guide remediation in a codebase Hands-on experience with security tooling in a CI/CD pipeline (e.g., SAST, DAST, SCA)
Benefits
An employee may be eligible for additional pay, premiums, or bonus potential. The Company offers eligible employees health, vision, and dental insurance, retirement plans, and tuition reimbursement Reasonable accommodations are available for qualified individuals with disabilities throughout the application process. Company Overview We began our company by creating the world's next big thing from the ground up - and we've never slowed down, never stopped innovating, never stopped inventing. It was founded in undefined, and is headquartered in , with a workforce of 10001+ employees. Its website is https//careers.fedex.com/?utm_domicile=unspecified&utm_persona=unspecified&utm_trackedsource=srm_linkedin_company&utm_subco=FEC. Apply To This Job