Think Beyond The Label Jobs


Job Information

CAI Lead Application Security Analyst in United States

Lead Application Security Analyst

Req number:

R2940

Employment type:

Full time

Worksite flexibility:

Remote

Who we are

CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.

Job Summary

As a Lead Application Security Analyst, you will be responsible for ensuring the security of applications throughout their lifecycle to identify potential vulnerabilities, suggest mitigation strategies, and support the development team in implementing these strategies.

Job Description

We are searching for a seasoned Lead Application Security Analyst to join our team. You will work as a consultant to our product development staff, ensuring the security of our applications throughout their lifecycle. Your role will be to identify potential vulnerabilities, suggest mitigation strategies, and support the development team in implementing these strategies. In addition, you will be responsible for creating and maintaining a Security Champion program to educate and guide our application developers in security best practices. This position will be full-time and Remote.

What You’ll Do

  • Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications

  • Utilize Software Assurance Maturity Model (SAMM) to evaluate and improve the security of software development processes

  • Continuously manage vulnerabilities by identifying, classifying, prioritizing, and mitigating them effectively

  • Be familiar with OWASP methodologies and incorporate them into security practices

  • Work closely with product development teams to ensure secure coding practices are followed

  • Educate application developers about application security to raise awareness and build a Security Champion program

  • Leverage threat modeling for applications to identify potential threats and suggest suitable mitigation strategies

  • Provide expert advice on the selection and implementation of appropriate security software tools

What You'll Need

Required:

  • Proficiency in programming languages such as Java, Python, C++, or others commonly used in application development

  • Knowledge of security technologies, application design and coding practices, remediation techniques, secure coding standards/DevOps methodologies

  • Proficiency with macOS, Windows, Linux

  • Knowledge of Full Stack development processes and protection mechanisms is a plus

  • 3-5 years of application security experience

  • Team management skills are preferred

  • Proven experience as an Application Security Analyst or similar role

  • In-depth knowledge of SAST, DAST, IAST, and SAC

  • Knowledge of GitLab Ultimate and other relevant security tools

  • Familiarity with OWASP methodologies and application security vulnerabilities

  • Experience in threat modeling and risk assessment

  • Exceptional ability to educate and guide application developers in security best practices

  • Excellent communication, presentation, and interpersonal skills

  • Relevant certifications like CISSP, CSSLP, GWAPT, or GWEB will be a plus

  • Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent experience

Physical Demands

  • Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state and local standards

  • Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings

  • Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor

Reasonable accommodation statement

If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824-8111.
