Job responsibilities
• Conduct Static Application Security Testing (SAST) and Dynamic Application Security
Testing (DAST).
• Perform security testing on various types of applications, including web, APIs, thick
clients, and mobile applications, as well as their supporting infrastructure.
• Utilize application artifacts such as business requirements, user stories, design
documents, and architecture documents to understand the testing scope and create
targeted security user stories or misuse cases.
• Analyze source code to mitigate identified weaknesses and vulnerabilities within the
system.
• Manage firewalls, network and host intrusion prevention/detection systems, virtual
private networks, threat intelligence platforms, endpoint protection, security training
platforms, email security, forensic tools, public/private/hybrid cloud infrastructure,
identity and access management systems, and physical security systems.
• Monitor security operations center tools and dashboards.
• Perform threat hunting activities using security operations center tools.
• Proactively respond to tickets and incidents.
• Coordinate with the Incident Response team to remediate security incidents as needed.
• Manage and execute security assessments for multiple projects simultaneously,
ensuring project timelines are met.
• Assist with risk analysis activities and design and implement controls to mitigate risk.
• Collaborate and communicate with Compliance, Internal Audit, Business teams, and
others to identify, analyze, and communicate risks; provide support around vulnerability
management within their business requirements.
• Identify, develop, and implement mechanisms to detect vulnerabilities and how they
may lead to corporate incidents to enhance compliance with and support security
standards and procedures.
• Understand compliance requirements that may impact security and effectively
collaborate with business areas and project teams to develop security solutions that
address these requirements.
• Assume a leadership role in advocating internally and externally for compliance with
security measures to protect corporate applications and environments.
• Work with information systems owners and administrators to understand their security
needs and assist with implementing practices and procedures consistent with security
policies.
• Identify opportunities for process improvements and automation.
• Collect and aggregate information from various sources and formats for relevance to
our environment; monitor and provide metrics on the threat level of vulnerabilities.
• Contribute to team activities and planning to improve team skills, awareness,
communication, reputation, and quality of work.
• Build and maintain supplier partnerships to further the company mission and goals.
• Maintain current knowledge of industry trends and standards.
• Create and maintain environmental documentation, tasks, change records, etc.
Essential Skills
• In-depth knowledge of security monitoring and incident response.
• In-depth knowledge of risk analysis and risk mitigation strategies.
• Full understanding of networking technologies and networking protocols with an
emphasis on TCP/IP.
• Scripting experience such as PowerShell, JavaScript, or Python.
• Computer forensics knowledge and experience.
• Understanding of security standards such as NIST 800-53, GDPR, and others.
• Experience working with Identity and Access Control Management Tools.
• Understanding of Defense in Depth strategies.
• Understanding of Security Operations Tools such as SIEM, EPM, DLP, Vulnerability
Management, Firewalls, WAFs, Antivirus Solutions, Email Protection Solutions, Incident
Response and Threat Management.
• In-depth knowledge of computer operating systems such as Windows, macOS, and
Linux.
• Understanding of database administration and application development life cycle
regarding cybersecurity.
Education, Experience, & Certification
• 8 years of experience as a Cybersecurity Analyst with a focus on Application Security.
• Bachelor's degree in Information Systems Security or related degree.
• Relevant technical certifications such as Microsoft MTA, ISACA CSX, CompTIA Security+,
GIAC GISF, or ISC2 SSCP, or higher-level certifications.
Full Time
$82k-106k (estimate)
06/09/2024
07/07/2024