Application Security Analyst

We are seeking an Application Security Analyst to integrate security into the software development lifecycle, ensuring applications are secure from development through deployment. This role involves performing security assessments on code, implementing automated security testing in CI/CD pipelines, and working with developers to fix vulnerabilities. Candidates should be skilled in DevSecOps practices, with proficiency in tools like SonarQube, OWASP ZAP, and Aqua Security.

Responsibilities:

• Conduct security assessments on applications and code.
• Integrate automated security testing into CI/CD pipelines.
• Work closely with development teams to address identified vulnerabilities.
• Document application security protocols and provide training.
• Monitor security metrics and report on vulnerabilities.

Qualifications:

• Proficiency in DevSecOps tools like SonarQube, OWASP ZAP, and Aqua Security.
• Knowledge of application security best practices and threat modeling.
• Relevant certifications, such as Certified DevSecOps Engineer, are preferred.

This role is essential for embedding security into the application lifecycle, ensuring software releases are resilient against vulnerabilities.