Job Details:
IT Application Security Analyst mid level Full time Remote
POSITION SUMMARY
Responsibilities include driving secure code initiatives, overseeing the secure SDLC on various applications, identifying security weaknesses, and developing solutions to minimize risk and improve security. You will partner directly with application development teams on the education and support of application security best practices. Additionally, you will be responsible for secure code reviews, threat modeling, application scanning, vulnerability remediation, and penetration testing support.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations.
WHAT YOU’LL BE DOING:
Implementing recommended security controls and solutions to secure applications and websites
Developing security gates for integration into multiple SDLC processes
Analyzing source code for security deficiencies
Partnering with developers on secure design and coding practices
Identifying application security vulnerabilities
Tracking and leading vulnerability resolutions
Developing and deploying Web Application Firewall (WAF) policies
Preparing application security KPIs and Metrics for review by Security and IT leadership
Other duties as assigned
PROJECTS YOU’LL BE WORKING ON:
Conducting Static Source Code Scans, Dynamic Application Scans, and penetration tests
Collaborating with members of the Security team to improve application security monitoring capabilities
Responding to application security incidents and investigations
Identifying automation opportunities for integration into application platforms and processes
YOU SHOULD HAVE:
3-4 years of application security experience
Experience with application development and scripting (.NET, C#, Python, PowerShell)
Strong understanding of DevOps and CI/CD processes in both public cloud and on-premise environments
Experience with dynamic and static code analysis tools
Solid understanding of web protocols and APIs
Working knowledge of public cloud infrastructures like Azure
Proven skills in risk assessment, cybersecurity controls selection, vulnerability assessment and penetration testing
Creative approach to solving complex security challenges
Ability to convey complex security issues to both technical and non-technical audiences
Aptitude for finding unusual and uncommon risks within applications
Please forward your resume in word format to kevin@libertyjobs.com
#LI-KM1
#associate
#midsenior
#IT