Senior Application Security Analyst

The Senior Application Security Analyst responsible for conducting in-depth security assessments, identifying vulnerabilities, and implementing security controls to protect applications from potential threats. You will analyse application code and performing security testing. It also involves collaborating with development teams to improve security issues. You will play a necessary part in enhancing the security posture of applications and ensuring compliance with relevant security standards and regulations.

• Conduct comprehensive security assessments, code reviews, and penetration testing of applications to identify potential vulnerabilities and security risks. utilise industry-standard tools and methodologies to assess the security posture of applications and provide applicable recommendations for remediation.
• Identify security vulnerabilities identified during security assessments. Work with development teams to facilitate the remediation of vulnerabilities promptly. Monitor the effectiveness of remediation efforts and ensure that security vulnerabilities are addressed.
• Maintain security technologies used for application security testing and monitoring. Configure security tools such as static code analysis (SAST), dynamic application security testing (DAST), and web application firewalls (WAFs) to enhance the security posture of applications. and implement corrective actions to prevent future occurrences.
• Provide support during security incidents related to applications, including incident detection, analysis, and response. Collaborate with incident response teams to investigate security incidents, identify causes,
• Promote a culture of security awareness among development teams and stakeholders through training sessions, workshops, and awareness campaigns. Educate colleagues on secure coding practices, threat mitigation techniques, and compliance requirements.
• Maintain detailed documentation of security assessments, findings, and remediation efforts. Create regular metrics on application security activities, vulnerabilities, and compliance status to stakeholders and management.
• Collaborate with development teams, architects, IT operations, and security stakeholders to integrate security into the software development lifecycle.
• Identify opportunities for process improvement, optimization, and automation in application security practices. Stay up to date with new threats, vulnerabilities, and security trends in the application security landscape and recommend appropriate measures to mitigate risks.