Junior Application security analyst

Junior Application security analyst - Hybrid (3 days in office) Job, 1 Year Experience

In this role, you'll play a vital role in protecting our applications throughout the development lifecycle, ensuring they are built with security in mind.

Here's what you'll do:

• SDLC Security Champion: Analyze security tool results, refine rules, and evaluate their effectiveness to continuously improve our application security posture.
  

• Code Detective: Review and analyze Java source code to identify potential vulnerabilities and security weaknesses.
  

• Penetration Testing Pro: Conduct internal penetration tests to identify proactively and mitigate security risks before they can be exploited by attackers.
  

• Containerization Guru: Gain a deep understanding of containerized applications and their security implications.
  

• Vulnerability Remediation Expert: Develop actionable recommendations for identified vulnerabilities, considering the specific technologies and implementations involved.
  

To be successful, you'll need:

• Solid experience with DAST (Dynamic Application Security Testing) tools like AFL, Fuzzing, and Burp Suite, including building custom test configurations.
  

• Proven experience in conducting penetration testing for virtualized infrastructure environments.
  

• A background in mobile application security is a plus.
  

• Strong programming skills in Java.
  

• Experience working with container orchestration platforms like Kubernetes (k8s) and Docker.
  

• Familiarity with traffic analysis tools like Wires-listen.
  

• A passion for automating routine security processes to improve efficiency.
  

• A strong understanding of modern software development methodologies (Agile, SDLC, DevOps, CI/CD).
  

• Excellent written and verbal communication skills (English B1, Russian B2 ).
  

Bonus points if you have:

• Experience participating in Bug Bounty programs and contributing to the security community.
  

• A proven track record in Capture the Flag (CTF) competitions.
  

• Familiarity with the OWASP Testing Guide, OWASP Code Review Guide, and OWASP Secure Coding Practices.
  

• Experience working with HashiCorp Vault for secure secrets management.
  

• Experience with network vulnerability scanners (Sureness, XSpider, MaxPatrol).
  

We offer:

• The opportunity to play a vital role in protecting our applications and data from evolving threats.
  

• A collaborative and dynamic work environment where you can learn and grow your skills.
  

• The chance to work with cutting-edge security tools and technologies.
  

• A supportive team environment where you'll be empowered to make a real impact.
  

Ready to leverage your application security expertise and join a team of passionate professionals? Apply today!

We look forward to hearing from you!

Patterned Learning can provide intelligent suggestions, automate repetitive tasks, and assist developers in writing code more effectively. This can help reduce coding errors, improve productivity, and accelerate development.

The pattern recognition is particularly relevant in the context of coding. Neural networks, intense learning models, are commonly employed for pattern detection and classification tasks. These models simulate human decision-making and can identify patterns in data, making them well-suited for tasks like code analysis and generation.