Application Security Analyst
Indexed description
Key Responsibilities
Application Security & Testing
- Perform security testing: SAST, DAST, IAST, mobile security, and dynamic testing
- Analyze vulnerabilities and recommend secure coding fixes
- Demonstrate vulnerabilities to development teams
- Drive remediation efforts to closure
- Work within CI/CD pipelines using tools such as:
- Jenkins, GitLab, GitHub Actions, TeamCity
- Checkmarx, GitHub Advanced Security, Burp Suite
- Integrate security controls into development workflows
- Lead Web Application Firewall (WAF) deployment for new and existing apps
- Implement application security policies, controls, and standards
- Partner with development, platform, and supplier teams
- Provide clear remediation guidance
- Train teams on secure coding and application security practices
- Develop training materials
- Conduct security assessments using standard tools
- Track and report:
- Risks
- Milestones
- Deliverables
- Status updates
- Recommend strategies based on application risk posture
Basic Qualifications
- Bachelor’s degree in Computer Science, Information Technology, or related field
- 3+ years of hands-on experience in application security, security testing, and DevSecOps
- Strong understanding of:
- Application architectures (web, mobile, APIs)
- Software development methodologies (Agile, SDLC)
- Modern programming languages (Java, C#, Python)
- Experience performing and interpreting results from:
- SAST, DAST, IAST, SCA, and mobile security testing tools
- Hands-on experience with secure code review in common languages (Java, C#, Python preferred)
- Prior background in application development, including:
- Compiled code
- Web applications / services
- Mobile app development
- Knowledge of security frameworks and standards:
- NIST, ISO 27001
- NIST SSDF or similar secure development frameworks
- Strong understanding of:
- OWASP Top 10 vulnerabilities and mitigation techniques
- Common attack vectors (web exploits, DDoS, bot attacks)
- Experience with WAF technologies:
- Akamai, Cloudflare, AWS WAF, Azure Front Door
- Familiarity with cloud platforms and modern environments:
- AWS, Azure, GCP
- Containers (Docker, Kubernetes)
- Working knowledge of:
- Programming/scripting: Java, JavaScript, SQL, HTML
- Scripting languages (Python, Bash preferred)
- Strong analytical, problem-solving, and communication skills
- Ability to explain technical risks to non-technical audiences
- Experience writing security reports and documentation
- Ability to work independently and cross-functionally
- Industry certifications:
- GIAC GWEB
- ISC2 CSSLP
- EC-Council CASE
- Or equivalent AppSec certifications
Family Building Benefit
We proudly support all paths to parenthood- including fertility and infertility treatments, adoption services, and gestational surrogacy.
Generous Paid Time Off
We believe in work-life balance. That’s why we offer: 17+ paid holidays, including shut-down from December 24th through New Years Day every year. Vacation, float & wellbeing days, sick time and fully paid parental leave when your family needs you most.
Competitive Retirement Savings Plans
We Help You Plan For The Future With
- An employer match on contributions to your 401k, Roth, and Catch-Up plans
- An employer contribution, even if you don’t contribute
Company Vehicle Lease Program
Eligible employees and their immediate families can participate in the company vehicle lease program, providing access to Stellantis vehicles with insurance, maintenance, and unlimited miles included. Plus, take advantage of exclusive discounts on Stellantis products.
Support for Your Growth and Giving Back
We believe in investing in your future and your passions:
- Tuition reimbursement
- Student loan refinancing programs
- 18 paid volunteer hours each year to make a difference in your community
At Stellantis, we assess candidates based on qualifications, merit, and business needs. We welcome applications from all people without regard to sex, age, ethnicity, nationality, religion, sexual orientation, disability, or any characteristic protected by law. We believe that diverse teams reflect our identity as a global company, enabling us to better address the evolving needs of our customers and care for our future.
EOE / Disability / Veteran
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search