Junior Application security analyst
- Hybrid (3 days in office) Job, 1 Year Experience
In this role, you'll play a vital role in protecting our applications throughout the development lifecycle, ensuring they are built with security in mind.
Here's what you'll do:
SDLC Security Champion: Analyze security tool results, refine rules, and evaluate their effectiveness to continuously improve our application security posture.
Code Detective: Review and analyze Java source code to identify potential vulnerabilities and security weaknesses.
Penetration Testing Pro: Conduct internal penetration tests to identify proactively and mitigate security risks before they can be exploited by attackers.
Containerization Guru: Gain a deep understanding of containerized applications and their security implications.
Vulnerability Remediation Expert: Develop actionable recommendations for identified vulnerabilities, considering the specific technologies and implementations involved.
To be successful, you'll need:
Solid experience with DAST (Dynamic Application Security Testing) tools like AFL, Fuzzing, and Burp Suite, including building custom test configurations.
Proven experience in conducting penetration testing for virtualized infrastructure environments.
A background in mobile application security is a plus.
Strong programming skills in Java.
Experience working with container orchestration platforms like Kubernetes (k8s) and Docker.
Familiarity with traffic analysis tools like Wires-listen.
A passion for automating routine security processes to improve efficiency.
A strong understanding of modern software development methodologies (Agile, SDLC, DevOps, CI/CD).
Excellent written and verbal communication skills (English B1, Russian B2 ).
Bonus points if you have:
Experience participating in Bug Bounty programs and contributing to the security community.
A proven track record in Capture the Flag (CTF) competitions.
Familiarity with the OWASP Testing Guide, OWASP Code Review Guide, and OWASP Secure Coding Practices.
Experience working with HashiCorp Vault for secure secrets management.
Experience with network vulnerability scanners (Sureness, XSpider, MaxPatrol).
We offer:
The opportunity to play a vital role in protecting our applications and data from evolving threats.
A collaborative and dynamic work environment where you can learn and grow your skills.
The chance to work with cutting-edge security tools and technologies.
A supportive team environment where you'll be empowered to make a real impact.
Ready to leverage your application security expertise and join a team of passionate professionals? Apply today!
We look forward to hearing from you!
Patterned
Learning can provide intelligent suggestions, automate
repetitive tasks, and assist developers in writing code
more effectively. This can help reduce coding
errors, improve productivity, and accelerate development.
The
pattern recognition is particularly relevant in the context of
coding. Neural networks, intense learning models, are
commonly employed for pattern detection and classification
tasks. These models simulate human decision-making and can
identify patterns in data, making them well-suited for tasks
like code analysis and generation.
Click the checkbox next to the jobs that you are interested in.
Click the checkbox next to the jobs that you are interested in.
Application Delivery Skill
Bug/Defect Analysis Skill
Journeyman Cartographer Analyst
TechGuard Security, Honolulu, HI
Prescient Edge Federal, Honolulu, HI