Nearshore Sector |Application Security (AppSec) Analyst

We are looking for an Application Security (AppSec) Analyst to join our team, focusing on identifying and managing application vulnerabilities throughout the Software Development Life Cycle (SDLC). This role is critical for ensuring the security of our software ecosystem, bridging the gap between security protocols and development agility. You will be responsible for operating security scanning tools and collaborating closely with development teams to implement robust remediation plans.

Responsibilities

• Vulnerability Management: Operate and manage security scanning tools, including SAST, SCA, IaC, and Container Scanning (specifically Veracode, GHAS, and Hackuity).

• Analysis & Prioritization: Qualify and prioritize vulnerabilities identified in code, providing actionable insights and accompanying remediation efforts with development squads.

• Security Integration: Deeply integrate security measures into CI/CD pipelines using tools like Git, Azure DevOps, and GitHub.

• Community Engagement: Foster a culture of secure coding by leading developer communities, producing awareness content, and conducting onboarding for new projects within the AppSec program.

• Coordination: Maintain autonomy in coordinating the adoption of security measures across target projects, ensuring compliance with the OWASP Top 10.