Application Security Analyst
Clearwater, Florida
KnowBe4, Inc.
KnowBe4 provides Security Awareness Training to help you manage the IT security problems of social engineering, spear phishing and ransomware attacks.About KnowBe4
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by tens of thousands of organizations around the globe. KnowBe4 enables organizations to manage the ongoing problem of social engineering by helping them train employees to make smarter security decisions, every day.
Fortune has ranked us as a best place to work for women, for millennials, and in technology for four years in a row! We have been certified as a "Great Place To Work" in 8 countries, plus we've earned numerous other prestigious awards, including Glassdoor's Best Places To Work.
Our team values radical transparency, extreme ownership, and continuous professional development in a welcoming workplace that encourages all employees to be themselves. Whether working remotely or in-person, we strive to make every day fun and engaging; from team lunches to trivia competitions to private parties at theme parks, there is always something exciting happening at KnowBe4.
Clearwater positions open to candidates located in greater Tampa Bay area.
The Application Security Analyst performs all procedures necessary to ensure the safety of information systems and applications and to protect the privacy, confidentiality, integrity, and availability of company and customer data by reviewing and investigating security alerts while having a proactive approach in assisting the infosec and engineering teams to develop secure applications.
Responsibilities:
- Responds to security alerts created across infosec alerting systems
- Escalates security alerts requiring further investigation
- Creates new security alerts and dashboards as needed
- Performs threat hunting across information security log feeds
- Creates Infosec policies,procedures, playbooks, and workflows
- Monitors for, investigates, and responds to security incidents
- Performs root cause analysis on identified vulnerabilities and identified incidents
- Conduct security reviews and penetration testing across company products and services as needed
- Conduct and assess the results of vulnerability scans and triage vulnerabilities across company products
- Stay informed on the latest vulnerabilities
- Conducts security, vulnerability and risk reviews of systems, applications, and source code through the use of various automated tools and manual testing procedures.
- Address security throughout the SDLC
- Review security findings from container scans, dependency checks and static code analysis tools.
- Manage the bug bounty program
- Perform security reviews of the source code
Requirements:
- Bachelor’s degree in information technology or a related field preferred
- Some experience in information security and IT.
- Has an understanding of infosec concepts such as: cloud infrastructure, application security, vulnerability scanning, penetration testing.
- Some experience with infosec testing tools and scripts.
- Familiar with application development concepts: servers, databases, coding, API’s, containers, logging, troubleshooting.
- Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows.
- Familiar with OWASP top 10 and MITRE ATT&CK Framework.
- Able to navigate the linux command line
- Strong verbal and written communications
- Excellent time management and organization skills
- Excellent Analytical skills
- An understanding of security best practices and frameworks such as NIST, ISO, and CIS
Our Fantastic Benefits
We offer company-wide monthly bonuses, employee referral bonuses, an employee stock purchase program, 401k matching (US), fully paid medical insurance (US), open/generous paid time off (length varies by country), parental leave (length varies by country), adoption assistance, tuition reimbursement, certification reimbursement, certification completion bonuses, gym benefits, and a relaxed dress code - all in a modern, high-tech, and fun work environment. For more details about our benefits, visit www.knowbe4.com/careers/benefits.
Note: An applicant assessment and background check may be part of your hiring procedure.
Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit www.knowbe4.com/careers/request-accommodation.
No recruitment agencies, please.
Tags: APIs Application security Cloud Code analysis Linux MITRE ATT&CK NIST OWASP Pentesting Privacy SDLC Vulnerabilities Vulnerability scans Windows
Perks/benefits: Career development Health care Insurance Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs