The Application Security Analyst 3 will understand how to identify, exploit, and remediate complex application vulnerabilities through use of tools and code review. They will do this by using penetration testing skills, tools, and methodology to test new applications and services. They will enforce secure development standards and requirements and will specifically act as an escalation point for any non-compliance that could not be resolved at the Analyst 1 or 2 levels. They will hold application security development projects and discussions as needed and will utilize SAST/DAST and other products to identify and document security vulnerabilities. They will perform research on new security trends, tools, and techniques to improve existing processes and will prioritize, track, assign, and drive the remediation of security issues. They will act in a leadership capacity when required to interface with development teams to provide guidance and feedback on identified vulnerabilities. They will also help new team members acclimate to the job role and responsibilities and will act as an escalation point for any issues not resolved by Application Security Analysts 2.
Partner with the company's Product, Software Engineering, DevOps, and IT teams.
Perform application security risk assessments, automate security testing, and guide development teams on secure coding practices.
Deliver security products and consult with DevOps, as part of a high-profile security team, supporting automated security testing as part of CI/CD pipelines.
Develop functional and non-functional security requirements, including delivering secure applications and services, that strike a balance with product usability.
Foster and enable a secure by default culture.
Must have
Minimum of 3 years of experience in software development and implementing security into SDLC processes.
Additional minimum 2 years relevant architecture experience with expert level knowledge of application systems design and integration.
Comprehensive knowledge, experience, & understanding of testing for the OWASP Top 10 or CWE Top 25, including secure code remediation.
Excellent interpersonal communication skills. Can explain very technical topics to all audiences and break down vulnerabilities to both developers and leadership.
Personal passion for security and cutting-edge security concepts.
Required Skills:
Strong understanding of Software Security Architecture and Design, SDLC, CI/CD, and the ability to clearly articulate best practices for application security.
Experience with evaluating, deploying, and managing application security tools (e.g. DAST, SAST, IAST, SCA).
Ability to listen for nuances, dig into details in order to understand systems deeply, and articulate technical details and risks.
Nice to have
insurance domain
Languages
English: C1 Advanced
Seniority
Senior