Senior Security Analyst
Remote
Applications have closed
Safe Security
Safe Security is a leader in AI-driven cyber risk management. Its real-time, data-driven approach empowers organizations to predict and prevent breaches.
Experience: 4+ years
Core Responsibilities
- Perform in-depth application security assessments to identify security issues and risks
- Develop in-house tools, extenders and automated scripts to enhance the assessment quality
- Research and incorporate new security tools and techniques to improve the overall application security assessment approach
- Provide end-to-end support to application owners to remediate security vulnerabilities
- Continuously research the latest security trends, business logic flaws and novel attacks
- Enhance the security controls database/knowledge base on various technologies
- Act as application security SME
- Proactively collaborate across teams to ensure on-time and quality delivery
- Lead a team of 4-6 application security analysts
- Review peers' assessment results and security reports to ensure delivery quality
- Guide the team in driving assessment activities (e.g. follow-ups, escalations, management, reporting, etc.) and meet customer expectations
- Consult with Developers and Product Managers to analyse and propose application security standards, methods, and architectures
Essential Skills/ Qualifications/ Experience
- M.Tech or B.Tech / B.E. / BCA in Computer Science or Information Technology
- 4-5 years of hands-on experience in conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25, WASC, ASVS and NIST
- Experience in working with tools such as Burp Suite, Checkmarx/Veracode, OWASP ZAP Scanner, Frida, Objection, Pentesting tools in Kali, etc.
- Very good understanding of HTTP and Networking fundamentals
- Have a security architect mindset to be able to provide appropriate guidance to the development/security team of clients
- Experience in source code review of web and mobile applications using SAST tools, including identifying false-positive security issues
- Ability to automate security test cases or write PoC using a scripting language (Python, Shell Script, Ruby/Perl, etc.) wherever required
- A security certification such as OSCP or OSWE, or an equivalent, is mandatory
- Effective documentation, artefacts capturing, communication, and interpersonal skills
- Well experienced with Project & Client Handling along with Team Management
- Sound knowledge of JavaScript, .NET, Node.js, Objective-C / Swift and Kotlin / Java programming languages and runtimes
Tags: Application security Burp Suite C CERT Checkmarx Computer Science Java JavaScript Kali Kotlin NIST Node.js OSCP OSWE OWASP Pentesting Perl Python Ruby SANS SAST Scripting Security assessment Strategy Veracode Vulnerabilities
Perks/benefits: Unlimited paid time off