Full job description
Description:
The Application Security Analyst will be responsible for working with the application development team to analyze application code vulnerabilities and will be involved in running security scans, which include but are not limited to SAST, DAST, IAST, mobile, and ad-hoc dynamic testing. The Analyst will also play a role in extending WAF deployment to a large number of applications. The candidate will play a key role in a major cybersecurity transformation initiative, “Shift left and Secure Early”, as well as in implementing additional security controls in the SDLC.
The role entails taking responsibility for analyzing security vulnerabilities and being able to provide mitigation solutions that fix issues by writing secure code, providing guidance to application teams, and coordinating with cross-functional teams across the platform.
Key responsibilities:
Hands-on experience working with DevSecOps pipelines using CI/CD automation tools like Jenkins, TeamCity, GitLab, GitHub Actions, Checkmarx, GitHub Advanced Security, Burp Suite, and open-source tools.
Implement Application Cyber Security Controls/Policies and standards developed by Application Security Program.
Lead deployment of WAF for existing and new applications.
Ability to demo security vulnerabilities to application teams.
Drive application security issues to a resolution.
Provide clear guidance to application teams during vulnerability mitigation efforts.
Conduct application security assessments using standard Stellantis application security tools.
Collect and report status on application security assessments, including milestones, deliverables, timing, tasks, risk areas, and status.
Categorize and recommend assessment strategies for existing and new application development.
Coach development and supplier teams on application security.
Develop user training material and conduct training sessions.
