Junior Application security analyst

This is a remote position.

Junior Application security analyst - Remote Job, 1+ Year Experience

Annual Income: $59K - $74K

About us: Patterned Learning is a platform that aims to help developers code faster and more efficiently. It offers features such as collaborative coding, real-time multiplayer editing, and the ability to build, test, and deploy directly from the browser. The platform also provides tightly integrated code generation, editing, and output capabilities.

Are you passionate about application security and safeguarding software from vulnerabilities? Do you have a keen eye for detail and enjoy tackling complex technical challenges? If so, then this Application Security Analyst role at [Your Company] is the perfect opportunity to join our mission-critical security team!

In this role, you'll play a vital role in protecting our applications throughout the development lifecycle, ensuring they are built with security in mind.

Here's what you'll do:

• SDLC Security Champion: Analyze security tool results, refine rules, and evaluate their effectiveness to continuously improve our application security posture.
  

• Code Detective: Review and analyze Java source code to identify potential vulnerabilities and security weaknesses.
  

• Penetration Testing Pro: Conduct internal penetration tests to proactively identify and mitigate security risks before they can be exploited by attackers.
  

• Containerization Guru: Gain a deep understanding of containerized applications and their security implications.
  

• Vulnerability Remediation Expert: Develop actionable recommendations for identified vulnerabilities, considering the specific technologies and implementations involved.
  

To be successful, you'll need:

• Solid experience with DAST (Dynamic Application Security Testing) tools like AFL, Fuzzing, and Burp Suite, including building custom test configurations.
  

• Proven experience in conducting penetration testing for virtualized infrastructure environments.
  

• A background in mobile application security is a plus.
  

• Strong programming skills in Java.
  

• Experience working with container orchestration platforms like Kubernetes (k8s) and Docker.
  

• Familiarity with traffic analysis tools like Wireshark.
  

• A passion for automating routine security processes to improve efficiency.
  

• A strong understanding of modern software development methodologies (Agile, SDLC, DevOps, CI/CD).
  

• Excellent written and verbal communication skills (English B1, Russian B2+).
  

Bonus points if you have:

• Experience participating in Bug Bounty programs and contributing to the security community.
  

• A proven track record in Capture the Flag (CTF) competitions.
  

• Familiarity with the OWASP Testing Guide, OWASP Code Review Guide, and OWASP Secure Coding Practices.
  

• Experience working with HashiCorp Vault for secure secrets management.
  

• Experience with network vulnerability scanners (Nessus, XSpider, MaxPatrol).
  

We offer:

• The opportunity to play a vital role in protecting our applications and data from evolving threats.
  

• A collaborative and dynamic work environment where you can learn and grow your skills.
  

• The chance to work with cutting-edge security tools and technologies.
  

• A supportive team environment where you'll be empowered to make a real impact.
  

Ready to leverage your application security expertise and join a team of passionate professionals? Apply today!

We look forward to hearing from you!

Why Patterned Learning LLC?

Patterned Learning can provide intelligent suggestions, automate repetitive tasks, and assist developers in writing code more effectively. This can help reduce coding errors, improve productivity, and accelerate the development process.

The pattern recognition is particularly relevant in the context of coding. Neural networks, especially deep learning models, are commonly employed for pattern detection and classification tasks. These models simulate human decision-making and can identify patterns in data, making them well-suited for tasks like code analysis and generation.