Application Security Analyst

Product Security Analyst, Hybrid/Dublin, Permanent

Application Security Analyst, AppSec Analyst

Talentspot has partnered on an exclusive basis with global, market-leading, enterprise-scale end-user as they increase the knowledge and add further Cloud Security firepower to their technology security and risk community that consists of around 50 colleagues globally.

Opportunity Summary

Our customer is seeking an experienced Product Security Analyst. This role offers exciting opportunities for growth and impact as they scale the business and continue to innovate. As a Product Security Analyst, you will be responsible for designing, implementing, and maintaining security measures across their environment, specifically on internally developed applications and externally facing applications.

You must be proficient in troubleshooting, vulnerability management, cloud security, application security, have a deep understanding of a wide range of systems, and be capable of leading other teams in these efforts. You will work closely with IT and other business units to ensure their security posture remains strong, aligned with industry best practices, and compliant with regulatory requirements. You will also be looking to the future, identifying future needs and exploring leading-edge solutions.

Responsibilities

• Conduct application security assessments and penetration tests to identify vulnerabilities and security issues.
• Work closely with the software development team to ensure that secure coding practices are understood and implemented throughout the application development lifecycle.
• Design and implement security solutions to protect applications from potential threats.
• Provide guidance and recommendations on application security best practices.
• Maintain knowledge of the latest security trends, threats, and countermeasures.
• Participate in incident response and handling activities related to application security incidents.
• Host security awareness and training sessions for the development team to promote secure coding practices.
• Develop and maintain application security standards, policies, and procedures.
• Report and document security findings and remediation activities.
• Integrate security tools and practices into the continuous integration/continuous delivery (CI/CD) pipeline.

Skills \& Experience

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience as an Application Security Engineer or similar role.
• Professional background in complex, enterprise-scale, global companies
• Strong understanding of software development life cycle (SDLC) and secure coding practices.
• Proficiency in conducting security assessments and penetration tests.
• Experience with security tools and technologies like firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC).
• Knowledge of regulatory requirements and industry best practices related to application security.
• Experience with cloud security and DevSecOps practices.
• Familiarity with OWASP Top Ten and other security frameworks.
• Team player who enjoys working in a collaborative and friendly environment and is an active contributor as part of a global team.
• Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, curiosity, initiative, and drive; self-motivated and brings a sense of pride to their accomplishments.
• Ability to present ideas in a user-friendly, business-friendly, and technical language.
• Strategic self-starter with an innovative mindset and outstanding attention to detail.
• A background in a global SaaS, big tech, or insurance company would be of interest but not essential

You must be eligible to live and work in Ireland with no restrictions, as sponsorship now or in the future is not available.