CrawlJobs Logo

Application Security Analyst

checkmarx.com Logo

Checkmarx

Location Icon

Location:
Portugal, Braga

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The AppSec Research Team is responsible for researching application security vulnerabilities and transitioning this knowledge into the application security tools. We are a passionate and curious group of people that love security and technology. We are looking for a highly motivated, curious, and autodidact Application Security Analyst to join our team. It is a unique opportunity to start and grow a career in Application Security. As an Application Security Analyst, you will be a part of the Checkmarx Application Security Research Group. You will be analyzing code in different languages and frameworks, researching various technologies and software vulnerabilities, and finding 0-days. You will collaborate with security specialists, analysts, and developers and contribute directly to the improvement of Checkmarx’s AppSec solutions.

Job Responsibility:

  • Perform security source code analysis to identify vulnerabilities
  • Evaluate findings from application security tools
  • Identify, research, and exploit found vulnerabilities
  • Support developers to understand vulnerabilities and their mitigations
  • Develop internal tools for analysis purposes
  • Learn something new every day

Requirements:

  • Development experience with compiled and scripting languages – either academic or work experience
  • Strong sense of responsibility and ownership
  • Ability to learn new programming languages and technologies independently
  • Good English communication skills - written and verbal

Nice to have:

  • Web development work experience
  • Familiarity with the fields of information security, OWASP, static analysis, and common application security testing approaches

Additional Information:

Job Posted:
December 07, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
View All Jobs In This Company
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security Analyst

New

Application Security Analyst

An application security analyst is a trained professional responsible for provid...
Location
Location
United States
Salary
Salary:
100000.00 - 115000.00 USD / Year
anntaylor.com Logo
Ann Taylor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Education and/or Certifications in Computer Science, Information Systems, other related field, or equivalent work experience
  • 3-5+ years of IT work experience, with at least 2 years of experience working in Application security
  • Working experience with security testing tools (DAST, SAST, SCA)
  • Hands on experience with manual web application penetration testing (VAPT)
  • Proficient in Burp suite and Kali Linux tools
  • Experience on API testing
  • Knowledge of secure coding practices/frameworks such as OWASP, SSDF
  • Strong knowledge of application security principles
  • Knowledge on Threat Modeling and DevSecOps
  • Strong working knowledge of IT Security best practices
Job Responsibility
Job Responsibility
  • Conduct application security assessments to identify and mitigate security risks
  • Perform DAST scans for the internal and external applications
  • Conduct end-to-end Pentest engagement for E-commerce applications
  • Perform False positive analysis for vulnerabilities from scan results
  • Analyze the security risks and create vulnerability report with recommendations
  • Work collaboratively with cross-functional teams to identify and solve complex security problems
  • Work on ad hoc SAST scan requests and vulnerability analysis
  • Participate in incident response activities and provide technical guidance on security-related incidents
  • Develop and maintain technical documentation related to application security
What we offer
What we offer
  • Merchandise discount at select KnitWell Group brands
  • Support for individual development plus opportunities for career mobility
  • A culture of giving back – local volunteer opportunities, annual donation and volunteer match to eligible nonprofit organizations, and philanthropic activities
  • Medical, dental, vision insurance & 401(K)
  • Employee Assistance Program (EAP)
  • Time off – paid time off & holidays
  • Fulltime
Read More
Arrow Right

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location
Location
Israel , Ramat Gan
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Senior Application Security Analyst

The Senior Application Security Analyst, VP position is part of CISO organizatio...
Location
Location
United States , Irving
Salary
Salary:
125760.00 - 188640.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
December 31, 2025
Flip Icon
Requirements
Requirements
  • At least 6+ years of relevant experience in web development, source code review, or application security testing
  • Deep understanding and proven expertise in application security principles, common vulnerabilities (e.g., OWASP Top 10, CWE), and secure coding practices
  • Development background in Java/J2EE, C#, .NET (and other relevant enterprise languages like Python, JavaScript/Node.js) in an enterprise environment
  • Strong understanding of DevSecOps principles, CI/CD pipelines, and integrating automated security tools, including AI/ML-driven solutions, into the Software Development Life Cycle
  • Experience using commercial enterprise automated security testing tools such as Burp, Fortify, Checkmarx, Blackduck, Snyk
  • Proficiency in leveraging SAST tools and experience with manual code review techniques and tools/IDEs to identify complex vulnerabilities
  • Demonstrated experience in AI/ML development, including data modeling, algorithm design, and implementation using Python and relevant libraries/frameworks (e.g., TensorFlow, PyTorch, scikit-learn)
  • Professional certifications, such as CISSP, CSSLP (highly preferred), GIAC, CEH or willingness to obtain
  • At least Bachelor's degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)
  • Conduct in-depth manual source code reviews to identify vulnerabilities
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Identify opportunities to automate, develop custom rules and standardize information security controls
  • Design, develop, and implement AI/ML-driven utilities and models to enhance source code analysis
  • Write formal security assessment report for each application
  • Direct the development and delivery of secure solutions by coordinating with business and technical teams
  • Manage and execute security assessments for multiple projects simultaneously
  • Research and explore new testing tools and methodologies
  • Act as a mentor to the junior team members
What we offer
What we offer
  • Medical, dental & vision coverage
  • 401(k)
  • Life, accident, and disability insurance
  • Wellness programs
  • Paid time off packages including vacation, sick leave, and paid holidays
  • Discretionary and formulaic incentive and retention awards
  • Fulltime
Read More
Arrow Right

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location
Location
India , Chennai, Bangalore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work Experience 3 to 6 years
Job Responsibility
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
Read More
Arrow Right

Digital Web & Mobile Security Senior Analyst

The Digital Web & Mobile Security Senior Analyst is an intermediate level positi...
Location
Location
India , Chennai; Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience as application security consultant / security expert
  • SME level knowledge of web application vulnerabilities and web application business logic flaws and threats
  • In depth and hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
  • Demonstrable experience with mobile application security, HTML5, Web Services/API assessment, identity management will be highly regarded
  • Thorough understanding of industry and corporate technology standards for Information Security
  • Expert in latest Internet and Mobile technology with strong architectural and design knowledge
  • Detailed familiarity with security hacking tools and techniques
  • Excellent written and oral English communication skills
Job Responsibility
Job Responsibility
  • Prevent and drive to clear the outstanding safety and soundness items by assessing and predicting the potential risk items before it becomes an issue / escalation
  • Assess priorities across multiple safety and soundness items and drive those critical ones similar like driving high priority production items and never settle until it is closed
  • Drive our outstanding safety and soundness items across all teams to closure and turn it around to become prevention instead of reacting to issues
  • Operate independently including the ability to provide executive summary for safety and soundness issues for executive consumption without a need for a continuous review
  • Review existing security architectures, identify design gaps, and recommend security enhancements
  • Act as an advocate for the application security architecture. Communicates and educates on the IS Architecture and roadmap
  • Develop security design pattern by identifying broader and emerging IS issues
  • Provides architecture consulting across the bank to project teams and other architects
  • Prioritize architecture deliverables, and establish short-term, mid-term and long-range architecture plans. Facilitates the migration to the reference architecture in a way that enables and supports the strategic plan
  • Maintains understanding of business issues, operating procedures and priorities
  • Fulltime
Read More
Arrow Right

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Security Analyst

The Security Analyst is responsible for assessing security events, findings, ins...
Location
Location
United States
Salary
Salary:
60000.00 USD / Year
digitalmediasolutions.com Logo
Digital Media Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 1-2 years of relevant security experience
  • Security+ certification or equivalent knowledge, skills, abilities (KSAs) is recommended
  • Fundamental knowledge and technical experience with AWS is required
  • Familiarity with Security Information and Event Management (SIEM) tools is a plus
  • Demonstrated critical thinking and problem-solving skills
  • Familiar with system troubleshooting practices and methodologies
  • Excellent written, verbal and interpersonal communication skills
  • Ability to work successfully with teams on multiple projects
  • Collaborative approach/attitude
Job Responsibility
Job Responsibility
  • Review, analyze and respond to security events and findings from system and application logging and security tools
  • Conduct initial response and first-level troubleshooting for malware and phishing incidents
  • Conduct basic security/vulnerability assessments to include scanning/auditing resources, analyzing results and creating tickets as needed for responsible teams
  • Assist technology leadership with security incident handling
  • Assist with Security Awareness training
  • Assist in Vendor Risk Assessments
What we offer
What we offer
  • Medical, dental, vision insurance
  • Wellness and mental health benefits
  • Tax-Advantaged health care accounts
  • Financial and income protection benefits (Life insurance, 401(k), short-term disability)
  • Paid time off (PTO), holidays and sick time off
  • Remote worker assistance for wellness and home office
  • Fulltime
Read More
Arrow Right

Senior Application Analyst - FX Technology

We are looking for a Senior Application Analyst to join our new Application Mana...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • IT experience essential, with relevant experience in Apps Development or production support role
  • Financial services experience highly desirable, with Foreign Exchange or Markets knowledge preferred
  • Experience in / knowledge of information security, or risk management
  • Excellent knowledge of legacy and emerging technologies such as Mainframes, Cloud technologies, distributed ledgers such as Blockchain etc
  • Understanding of SDLC and DevOps tools
  • Bachelor's degree or equivalent
  • Excellent interpersonal, written, and verbal communication skills
  • Ability to handle pressure and prioritize within tight deadlines while maintaining total accuracy
  • Ability to negotiate and influence outcomes while adhering to organizational policies
Job Responsibility
Job Responsibility
  • Senior IT Application analyst works with application managers from a portfolio to reduce and eliminate the administrative work surrounding application development and maintenance
  • Establish strong working relationships with various IT and business teams, such as application development, information security, continuity of business, risk management, etc.
  • Provide assistance to development team to ensure technology risk and control issues and initiatives are addressed timely
  • Ensure application adherence to Identity and access management policies of internal and external IT systems
  • Manage application adherence to recommended software versions (end of life and end of vendor support software monitoring)
  • Manage and track application open source vulnerabilities
  • Ensure application adherence to other information security requirements such as password controls and key management
  • Monitor correct implementation of records management & retention policies
  • Maintain and monitor freshness of Application recovery procedures and continuity of business plans
  • Review escalations, deviations or changes to policies for technology risk and control events and maintain corrective action plans
  • Fulltime
Read More
Arrow Right
Welcome to CrawlJobs.com
Your Global Job Discovery Platform
At CrawlJobs.com, we simplify finding your next career opportunity by bringing job listings directly to you from all corners of the web. Using cutting-edge AI and web-crawling technologies, we gather and curate job offers from various sources across the globe, ensuring you have access to the most up-to-date job listings in one place.
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Australia Jobs Canada Jobs Poland Jobs Ireland Jobs Spain Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2025 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy