Junior Application security analyst - onsite Job, 1 Year Experience

Annual Income: $64K - $77K

In this role, you'll play a vital role in protecting our applications throughout the development lifecycle, ensuring they are built with security in mind.

Here's what you'll do:

• SDLC Security Champion: Analyze security tool results, refine rules, and evaluate their effectiveness to continuously improve our application security posture.

• Code Detective: Review and analyze Java source code to identify potential vulnerabilities and security weaknesses.

• Penetration Testing Pro: Conduct internal penetration tests to identify proactively and mitigate security risks before they can be exploited by attackers.

• Containerization Guru: Gain a deep understanding of containerized applications and their security implications.

• Vulnerability Remediation Expert: Develop actionable recommendations for identified vulnerabilities, considering the specific technologies and implementations involved.

To be successful, you'll need:

• Solid experience with DAST (Dynamic Application Security Testing) tools like AFL, Fuzzing, and Burp Suite, including building custom test configurations.

• Proven experience in conducting penetration testing for virtualized infrastructure environments.

• A background in mobile application security is a plus.

• Strong programming skills in Java.

• Experience working with container orchestration platforms like Kubernetes (k8s) and Docker.

• Familiarity with traffic analysis tools like Wires-listen.

• A passion for automating routine security processes to improve efficiency.

• A strong understanding of modern software development methodologies (Agile, SDLC, DevOps, CI/CD).

• Excellent written and verbal communication skills (English B1, Russian B2 ).

Bonus points if you have:

• Experience participating in Bug Bounty programs and contributing to the security community.

• A proven track record in Capture the Flag (CTF) competitions.

• Familiarity with the OWASP Testing Guide, OWASP Code Review Guide, and OWASP Secure Coding Practices.

• Experience working with HashiCorp Vault for secure secrets management.

• Experience with network vulnerability scanners (Sureness, XSpider, MaxPatrol).

We offer:

• The opportunity to play a vital role in protecting our applications and data from evolving threats.

• A collaborative and dynamic work environment where you can learn and grow your skills.

• The chance to work with cutting-edge security tools and technologies.

• A supportive team environment where you'll be empowered to make a real impact.

Ready to leverage your application security expertise and join a team of passionate professionals? Apply today!

We look forward to hearing from you!

Job Summary