Application Security Analyst
Indexed description
In the assigned Job Role of Technology Consultant 1, your Area Of Responsibility will be as below:
- Assist in conducting targeted interviews and workshops to capture user needs, and ensure accurate documentation of stakeholder requirements
- Participate in design discussions to capture software specifications, and aid in creation of process documentation.
- Develop, refine, and document code for new software applications, following detailed design specifications to meet user requirements
- Execute test plans, analyse outcomes, and report defects to the development team, to facilitate enhancement of software performance
- Support the integration of new software features, facilitating smooth transitions within the existing system infrastructure
- Monitor and troubleshoot live applications, ensuring prompt resolution of issues and creation of comprehensive documentation for ongoing system maintenance
- Systematically document coding practices, testing methodologies, and technical solutions, thereby enriching team's knowledge repository
- An agile mindset with effective communication and problem-solving skills.
- The ability to work on majority of the areas as part of SDLC lifecycle
- Passion for innovating solutions that drive progress and meet future challenges.
- A proactive approach to monitoring and resolving production issues before they escalate.
- Commitment to continuous learning, knowledge sharing, and fostering team development
- Hands on experience with tools like Burp Suite, CheckMarx, SonarQube, Veracode, or Fortify. Familiarity with programming languages such as Java, Python, or C#.
- Understanding of web application vulnerabilities (SQL Injection, XSS, CSRF) and common security frameworks.
- Security Testing: Conduct Software Composition Analysis(SCA), Static and Dynamic Application Security Testing (SAST/DAST) on web and mobile applications.
- Vulnerability Management: Triage, prioritize, and assist in the remediation of application vulnerabilities (e.g., OWASP Top 10).
- Developer Collaboration: Partner with software engineering teams to provide actionable guidance and fix recommendations for secure code implementation.
- Threat Modeling: Participate in architecture reviews and threat modeling sessions to identify security flaws before code is deployed to production.
- Tool Maintenance: Manage and optimize application security tools, integrating them into CI/CD pipelines.
- Communication and problem-solving skills, with a proven ability to bridge the gap between development and security.
- Familiar with Application Security concepts and tooling.
- Exposure to DevSecOps, CI/CD pipelines, and container security (Docker, Kubernetes).
- Experience in SIEM/SOAR, cloud security (AWS/Azure/GCP), or IT risk management frameworks.
- Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
- This position may require relocation and/or travel to work/project location.
- Candidates authorized to work for any employer in the United States without employer-based visa sponsorship are welcome to apply. Infosys is unable to provide immigration sponsorship for this role now or in the future.
- Medical/Dental/Vision/Life Insurance
- Long-term/Short-term Disability
- Health and Dependent Care Reimbursement Accounts
- Insurance (Accident, Critical Illness , Hospital Indemnity, Legal)
- 401(k) plan and contributions dependent on salary level
- Paid holidays plus Paid Time Off
EEO
Infosys provides equal employment opportunities to applicants and employees without regard to race; color; sex; gender identity; sexual orientation; religious practices and observances; national origin; pregnancy, childbirth, or related medical conditions; status as a protected veteran or spouse/family member of a protected veteran; or disability.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search