Senior Security Analyst

Remote

Applications have closed

Safe Security

Safe Security is a leader in AI-driven cyber risk management. Its real-time, data-driven approach empowers organizations to predict and prevent breaches.

Our vision is to be the Champions of a Safer Digital Future and the Champions of Change. We believe in empowering individuals and teams with freedom and responsibility to align their goals such that we all row in the same direction. We are uncomfortably transparent, autonomous and accountable; we have zero tolerance for brilliant jerks, an unlimited vacation policy, and more. For us, our Culture Is Our Strategy: check out our Culture Memo for more details and surprises.
Experience: 4+ years

Core Responsibilities

  • Perform in-depth application security assessments to identify security issues and risks
  • Develop in-house tools, extenders and automated scripts to enhance the assessment quality
  • Research and incorporate new security tools and techniques to improve the overall application security assessment approach
  • Provide end-to-end support to application owners to remediate security vulnerabilities
  • Continuous research on the latest security trends, business logic flaws and novel attacks
  • Enhance the security controls database/knowledge base on various technologies
  • Act as application security SME
  • Proactively collaborate across teams to ensure on-time and quality delivery
  • Lead a team of 4-6 application security analysts
  • Review the assessment results and security reports of peers to ensure delivery quality
  • Guide the team in driving assessment activities (e.g. follow-ups, escalations, management, reporting, etc.) and meet customer expectations
  • Consult with Developers and Product Managers to analyse and propose application security standards, methods, and architectures

Essential Skills/ Qualifications/ Experience

  • M.Tech or B.Tech / B.E. / BCA in Computer Science or Information Technology
  • 4-5 years of hands-on experience in conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25, WASC, ASVS and NIST
  • Experience in working with tools such as Burp Suite, Checkmarx/Veracode, OWASP ZAP Scanner, Frida, Objection, Pentesting tools in Kali, etc.
  • Very good understanding of HTTP and Networking fundamentals
  • Have a security architect mindset to be able to provide appropriate guidance to the development/security team of clients
  • Experience in source code review of web as well as mobile applications using SAST tools, including identifying false-positive security issues
  • Ability to automate security test cases or write PoC using a scripting language (Python, Shell Script, Ruby/Perl, etc.) wherever required
  • A security certification such as OSCP or OSWE, or an equivalent, is mandatory
  • Effective documentation, artefacts capturing, communication, and interpersonal skills
  • Well experienced with Project & Client Handling along with Team Management
  • Sound knowledge of JavaScript, .NET, Node.js, Objective-C / Swift and Kotlin / Java programming languages and runtimes
Join our rocket ship if you want to learn, make your mark and work with incredible talent!

Tags: Application security Burp Suite C CERT Checkmarx Computer Science Java JavaScript Kali Kotlin NIST Node.js OSCP OSWE OWASP Pentesting Perl Python Ruby SANS SAST Scripting Security assessment Strategy Veracode Vulnerabilities

Perks/benefits: Unlimited paid time off

Region: Remote/Anywhere
Category: Analyst Jobs
