Application Security Analyst (Remote)
Remote
KnowBe4, Inc.
KnowBe4 provides security awareness training, anti-phishing protection, and real-time security coaching, enabling you to build a stronger security culture.About KnowBe4
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by tens of thousands of organizations around the globe. KnowBe4 enables organizations to manage the ongoing problem of social engineering by helping them train employees to make smarter security decisions, every day.
Fortune has ranked us as a best place to work for women, for millennials, and in technology for four years in a row! We have been certified as a "Great Place To Work" in 8 countries, plus we've earned numerous other prestigious awards, including Glassdoor's Best Places To Work.
Our team values radical transparency, extreme ownership, and continuous professional development in a welcoming workplace that encourages all employees to be themselves. Whether working remotely or in-person, we strive to make every day fun and engaging; from team lunches to trivia competitions to local outings, there is always something exciting happening at KnowBe4.
The Application Security Analyst performs all procedures necessary to ensure the safety of information systems and applications and to protect the privacy, confidentiality, integrity, and availability of company and customer data by reviewing and investigating security alerts while having a proactive approach in assisting the infosec and engineering teams to develop secure applications.
Responsibilities:
- Responds to security alerts created across infosec alerting systems
- Escalates security alerts requiring further investigation
- Creates new security alerts and dashboards as needed
- Performs threat hunting across information security log feeds
- Creates Infosec policies,procedures, playbooks, and workflows
- Monitors for, investigates, and responds to security incidents
- Performs root cause analysis on identified vulnerabilities and identified incidents
- Conduct security reviews and penetration testing across company products and services as needed
- Conduct and assess the results of vulnerability scans and triage vulnerabilities across company products
- Stay informed on the latest vulnerabilities
- Conducts security, vulnerability and risk reviews of systems, applications, and source code through the use of various automated tools and manual testing procedures.
- Address security throughout the SDLC
- Review security findings from container scans, dependency checks and static code analysis tools.
- Manage the bug bounty program
- Perform security reviews of the source code
Requirements:
- Bachelor’s degree in information technology or a related field preferred
- Some experience in information security and IT.
- Has an understanding of infosec concepts such as: cloud infrastructure, application security, vulnerability scanning, penetration testing.
- Some experience with infosec testing tools and scripts.
- Familiar with application development concepts: servers, databases, coding, API’s, containers, logging, troubleshooting.
- Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows.
- Familiar with OWASP top 10 and MITRE ATT&CK Framework.
- Able to navigate the linux command line
- Strong verbal and written communications
- Excellent time management and organization skills
- Excellent Analytical skills
- An understanding of security best practices and frameworks such as NIST, ISO, and CIS
The base pay for this position ranges from $65,000 - $80,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above.
Our Fantastic Benefits
We offer company-wide monthly bonuses, employee referral bonuses, 401k matching (US), fully paid medical insurance (US), open/generous paid time off (length varies by country), parental leave (length varies by country), adoption assistance, tuition reimbursement, certification reimbursement, certification completion bonuses, gym benefits, and a relaxed dress code - all in a modern, high-tech, and fun work environment. For more details about our benefits, visit www.knowbe4.com/careers/benefits.
Note: An applicant assessment and background check may be part of your hiring procedure.
Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit www.knowbe4.com/careers/request-accommodation.
No recruitment agencies, please.
Tags: APIs Application security Cloud Code analysis Linux MITRE ATT&CK NIST OWASP Pentesting Privacy SDLC Vulnerabilities Vulnerability scans Windows
Perks/benefits: Career development Insurance Medical leave Parental leave Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs