Application Security Analyst

1 Month ago • 5 Years + • Cyber Security

Job Summary

Job Description

The Application Security Analyst 3 will identify and remediate application vulnerabilities using tools and code review. They will perform penetration testing, enforce secure development standards, and act as an escalation point. They will lead application security projects, utilize SAST/DAST tools, research new security trends, and prioritize security issue remediation. They will also guide development teams, help new team members and support automated security testing within CI/CD pipelines, delivering secure applications.
Must have:
  • 3 years of experience in software development and implementing security into SDLC processes
  • 2 years relevant architecture experience with expert level knowledge of application systems design and integration
  • Knowledge of testing for the OWASP Top 10 or CWE Top 25, including secure code remediation
  • Excellent interpersonal communication skills
  • Personal passion for security and cutting edge security concepts
  • Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to articulate best practices
  • Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, SCA)
  • Ability to listen for nuances, dig into details to understand systems deeply, and articulate technical details and risks
Good to have:
  • insurance domain

Job Details

Project description

The Application Security Analyst 3 will understand how to identify, exploit, and remediate complex application vulnerabilities through use of tools and code review. They will do this by using penetration testing skills, tools, and methodology to test new applications and services. They will enforce secure development standards and requirements and will specifically act as an escalation point for any non-compliance that could not be resolved at the Analyst 1 or 2 levels. They will hold application security development projects and discussions as needed and will utilize SAST/DAST and other products to identify and document security vulnerabilities. They will perform research on new security trends, tools, and techniques to improve existing processes and will prioritize, track assign, and drive the remediation of security issues. They will act in a leadership capacity when required to Interface with development teams to provide guidance and feedback on identified vulnerabilities. They will also help new team members acclimate to job role and responsibilities and will act as an escalation for any issues not resolved by Application Security Analysts 2.

Responsibilities
bullet icon

Partner with the company's Product, Software Engineering, DevOps, and IT teams.

bullet icon

Perform application security risk assessments, automate security testing, and guide development teams on secure coding practices.

bullet icon

Deliver security products and consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CI/CD pipelines.

bullet icon

Develop functional and non-functional security requirements, including delivering secure applications and services, that strike a balance of product usability.

bullet icon

Foster and enable a secure by default culture.

Skills

Must have

bullet icon

Minimum of 3 years of experience in software development and implementing security into SDLC processes.

bullet icon

Additional minimum 2 years relevant architecture experience with expert level knowledge of application systems design and integration.

bullet icon

Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10 or CWE Top 25, including secure code remediation.

bullet icon

Excellent interpersonal communication skills. Can explain very technical topics to all audiences and break down vulnerabilities to both developers and leadership.

bullet icon

Personal passion for security and cutting edge security concepts.

bullet icon

Required Skills:

bullet icon

Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security.

bullet icon

Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, SCA).

bullet icon

Ability to listen for nuances, dig into details in order to understand systems deeply, and articulate technical details and risks.

Nice to have

bullet icon

insurance domain

Other
seniority icon

Languages

English: C1 Advanced

seniority icon

Seniority

Senior

Similar Jobs

ShyftLabs - Full Stack Engineer

ShyftLabs

Atlanta, Georgia, United States (Hybrid)
1 Month ago
Take-Two Interactive - Site Reliability Engineer II

Take-Two Interactive

Austin, Texas, United States (On-Site)
4 Weeks ago
Capgemini - Automation Tester

Capgemini

Hyderabad, Telangana, India (On-Site)
1 Month ago
Globalization Partners - Senior UX/UI Designer – Mobile (AI Native App)

Globalization Partners

United Kingdom (Remote)
1 Month ago
Ubisoft - Animator

Ubisoft

Pune, Maharashtra, India (On-Site)
2 Months ago
bytedance - Backend Software Engineer - Privacy & Security - Singapore

bytedance

Singapore (On-Site)
8 Months ago
Ion - Network Security Engineer

Ion

Milan, Lombardy, Italy (Hybrid)
8 Months ago
Scale AI - Security Engineer (Infrastructure)

Scale AI

Washington, District Of Columbia, United States (On-Site)
2 Months ago
Lionsgate - Manager, IT Security GRC

Lionsgate

Santa Monica, California, United States (On-Site)
1 Month ago
Nice - Information Security Engineer

Nice

Manila, Metro Manila, Philippines (Hybrid)
2 Days ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

zeta - Project Manager I/II, CEO Office

zeta

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Epic Games - Lead External Development Manager

Epic Games

United States (On-Site)
2 Months ago
TALA - VP of Global HR & Rewards

TALA

Mexico City, Mexico (Hybrid)
2 Months ago
160over90 - Account Manager, Partnerships

160over90

New York, United States (On-Site)
3 Weeks ago
gnosis - Customer Relations Agent

gnosis

São Paulo, Brazil (Remote)
2 Months ago
Stone Search - HRIS Manager - Oracle HCM Cloud

Stone Search

Irvine, California, United States (On-Site)
1 Year ago
Figma - Enterprise Solutions Consultant

Figma

San Francisco, California, United States (Hybrid)
2 Weeks ago
Varonis  - Infra Software Engineer

Varonis

Herzliya, Tel Aviv District, Israel (Hybrid)
3 Months ago
Ubisoft - Data Analytics Manager

Ubisoft

Newcastle Upon Tyne, England, United Kingdom (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Mexico

Marsh McLennan - Operations and Service Specialist (Insurance)

Marsh McLennan

Tijuana, Baja California, Mexico (Hybrid)
3 Weeks ago
Lionbridge Games - Data Engineer I

Lionbridge Games

Mexico City, Mexico City, Mexico (On-Site)
2 Months ago
nubank - Treasury & Regulatory Senior Lawyer

nubank

Mexico City, Mexico (On-Site)
1 Month ago
oportun - Senior Data Engineer - DBA

oportun

Mexico (Remote)
3 Weeks ago
Google - Software Engineer, Metrics and Business Intelligence

Google

Mexico City, Mexico City, Mexico (On-Site)
2 Months ago
QuinStreet - Machine Learning Engineer

QuinStreet

Monterrey, Nuevo Leon, Mexico (Remote)
2 Months ago
FICO - Field Marketing Manager LATAM

FICO

Mexico (Remote)
4 Weeks ago
Marsh McLennan - Junior Executive

Marsh McLennan

Mexico City, Mexico (Hybrid)
3 Weeks ago
Rackspace Technology - Customer Success Manager IV

Rackspace Technology

Mexico City, Mexico (On-Site)
2 Weeks ago
Calix - Senior Core AI Engineer

Calix

Mexico City, Mexico (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

London stock Exchange - Security Engineer

London stock Exchange

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Corsair gaming - Sr. IT Information Security Manager

Corsair gaming

Duluth, Georgia, United States (On-Site)
4 Weeks ago
Qualcomm - Senior Staff Security Infrastructure Software Engineer

Qualcomm

Iași, Iași County, Romania (On-Site)
1 Month ago
Rippling - Senior Infrastructure Security Engineer

Rippling

San Francisco, California, United States (On-Site)
1 Month ago
Vercel - Staff Security Operations Engineer

Vercel

San Francisco, California, United States (Hybrid)
2 Months ago
Qualcomm - Senior Cyber Security Engineer

Qualcomm

San Diego, California, United States (On-Site)
2 Weeks ago
PwC - Associate Identity & Access Management - Cybersecurity

PwC

United States (On-Site)
1 Month ago
oportun - Security Analyst

oportun

India (Remote)
1 Week ago
Jane Street - Cybersecurity Engineer - Threat Modelling

Jane Street

New York, United States (On-Site)
1 Month ago
CD PROJEKT RED - Cybersecurity Specialist

CD PROJEKT RED

Warsaw, Masovian Voivodeship, Poland (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Empower your future with Luxoft: Innovate, thrive and grow in a software-defined world.

Ukrainka, Kyiv Oblast, Ukraine (Remote)

India (Remote)

Germany (Remote)

Egypt (Remote)

Pune, Maharashtra, India (On-Site)

Kraków, Lesser Poland Voivodeship, Poland (On-Site)

Zürich, Zurich, Switzerland (On-Site)

Riyadh, Riyadh Province, Saudi Arabia (On-Site)

Pune, Maharashtra, India (On-Site)

View All Jobs

Get notified when new jobs are added by luxsoft

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug