Application Security Analyst
Phoenix Building, Bengaluru, India
Samsung Electronics
Entdecken Sie die innovative Welt von SAMSUNG Deutschland! Infomieren Sie sich hier über unsere Produkte und finden Sie Hilfe in unserem Support Bereich.Position Summary
The Application Security Analyst will administer our code testing platforms, analyze code testing results, interact with development teams to enforce and develop Samsung Ads secure software development lifecycle (SDLC). Candidates will possess strong technical analytical skills while providing accurate analysis of system vulnerabilities and risk-based remediations. They have a well–rounded risk management, web application development and linux systems.The individual is user focused and works to resolve user needs in a timely manner.
● Perform vulnerability and code reviews, working with developers to get stack rolled out
● Find and resolve security vulnerabilities on a variety of platforms (SSP (supply-side platform)) using Java)
● Handle risk management operational activities
● Help design secure web application architecture and secure design principles
● Complete manual focused web application vulnerability assessments
● Collaborating with teams to identify opportunities and provide recommendations on how application security can be built into project development;
● Implementing strategy for application vulnerability reviews and remediations
● Advocate security and secure coding practices
Role and Responsibilities
- 10+ years of related experience in application security, penetration testing; and vulnerability management
- Strong English communication skills – written & documentation, verbal and speaking; French is an asset
- Minimum 8 year of experience with vulnerability management in Linux systems and web applications
- Minimum 8 year of experience with SAST, DAST and providing security requirements to developers
- Minimum 8 year of experience with threat modeling
- Coding or scripting skills in Python, Bash or any other programming language
- Experience and willingness to take the initiative and think proactively
Nice to haves (assets)
- Bachelor’s degree in Computer Science or equivalent relevant experience in information security with relevant industry certifications
- 6+ year of general IT or web development experience
- Experience or knowledge of Java
- Experience with Web application Firewall (WAF) such as Akamai, Imperva or AWS WAF
- Knowledge of Kubernetes, Docker
- Security +, SSCP and other technical security certifications (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications)
- Knowledge or experience using ‘Slack’, ‘G-Suite’ and ‘AWS’
- Knowledge security best practices for AWS services : IAM, Cloud Trail, GuardDuty, S3, EC2.
Skills and Qualifications
* Please visit Samsung membership to see Privacy Policy, which defaults according to your location. You can change Country/Language at the bottom of the page. If you are European Economic Resident, please click here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Bash Cloud Computer Science DAST Docker EC2 Firewalls IAM Java Kubernetes Linux Pentesting Privacy Python Risk management S3 SAST Scripting SDLC SSCP Strategy System Security Plan Vulnerabilities Vulnerability management
Perks/benefits: Career development
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs