Application Security Analyst
Job Description
Applications are often the most exposed attack surface, making robust application security critical. As an Application Security Analyst, you will be instrumental in teaching AI the nuances of secure coding, vulnerability identification, and threat modeling, enabling it to safeguard software from design to deployment.
Key Responsibilities
Evaluate AI outputs related to the OWASP Top 10 vulnerabilities, including injection flaws, broken authentication, and security misconfigurations.
Assess the accuracy and relevance of AI-generated recommendations for secure coding practices in various languages (e.g., Python, Java, C#, JavaScript).
Provide detailed feedback on AI's understanding of threat modeling methodologies (e.g., STRIDE, DREAD) and their application in the SDLC.
Develop benchmark scenarios for AI to analyze, covering topics like static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA).
Validate AI's explanations of common web application attacks (e.g., XSS, CSRF, SQL Injection) and their prevention mechanisms.
Refine AI's ability to interpret security findings from various AppSec tools and prioritize remediation efforts.
Ideal Qualifications
Minimum 5 years of experience in application security, secure development, or penetration testing of web/mobile applications.
Certifications such as CSSLP, OSCP, or GWAPT are highly desirable.
Hands-on experience with AppSec tools (e.g., Burp Suite, ZAP, Checkmarx, SonarQube).
Strong understanding of secure coding principles, common vulnerabilities, and secure SDLC practices.
Proficiency in at least one major programming language (e.g., Python, Java, C#) and web frameworks.
Experience with API security, container security, and cloud-native application security.
Project Timeline
Start Date: Within 1 week
Duration: 6 months (renewable)
Commitment: Part-time, 20-30 hours/week
Build secure AI, one application at a time – apply today!