Application Security Analyst

Role Overview

We are seeking two experienced Information Security Senior Managers to join our Application Security Operation team. In this role, you will act as a Security Enablement and Engagement Specialist, bridging the gap between technical and non-technical teams to ensure secure software releases. You will be instrumental in integrating application security (AppSec) and Cloud Native Application Protection Platforms (CNAPP) into the software development lifecycle (SDLC), driving stakeholder communication, and fostering a culture of security across the organization. One position will focus on the Cyber Risk team, and the other on the Cloud Acceleration Program.

Key Responsibilities

• Partner with development, DevOps, and application owner teams to seamlessly integrate Application Security tools and gating controls into CI/CD pipelines and release management processes.
• Develop and maintain executive-level AppSec reporting and dashboards for CIOs, providing clear visibility into the organization's security posture and the effectiveness of security initiatives.
• Lead communication and training initiatives for development teams, creating materials and conducting sessions to embed security requirements early in the SDLC and support the rollout of tools like SAST, DAST, and SCA.
• Conduct gap analyses of current business processes, identifying inefficiencies and recommending improvements to align with strategic security and operational goals.
• Facilitate cross-functional collaboration between business units and IT teams, gathering and documenting security requirements to ensure alignment on goals, timelines, and secure application releases.

Required Skills & Qualifications

• 10 years of relevant experience in IT, with a focus on application security and/or release management.
• 3 years of hands-on experience as an application security analyst, with demonstrated expertise in security integration, process automation, risk assessment, and mitigation.
• 2 years of practical experience applying application security principles (SAST, DAST, SCA) throughout the Secure Software Development Lifecycle (SSDLC).
• 2 years of experience building executive-level reports and dashboards to communicate security posture.
• 2 years of experience designing and delivering technical training programs (live sessions, documentation).
• Excellent communication, collaboration, and stakeholder management skills.

Nice-to-Have Skills

• Experience with CI/CD tools such as BitBucket/GitHub, Jenkins, Azure DevOps, or GitLab CI/CD.
• Proficiency in reporting and data visualization tools like Power BI or advanced Excel.
• Programming or scripting experience, preferably with Python.
• CISSP or other relevant security certifications.

Pandologic. Keywords: Application Security Analyst, Location: Toronto, OH - 43964

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.