Application Security Analyst - HealthStream

Key Responsibilities

• Conduct comprehensive security assessments of web, mobile, and API applications using OWASP Top 10 and industry best practices.
• Perform penetration tests, vulnerability scans, and code reviews to identify and remediate security flaws.
• Collaborate with development teams to integrate secure coding practices and remediate findings in a timely manner.
• Develop and maintain threat models, risk matrices, and security documentation for compliance with healthcare regulations.
• Utilize tools such as Burp Suite, Nessus, and custom scripts to automate security testing and reporting.

Requirements

• 3+ years of experience in application security or related field.
• Strong knowledge of OWASP standards, secure coding, and vulnerability remediation.
• Hands‑on experience with penetration testing tools (Burp Suite, OWASP ZAP) and vulnerability scanners (Nessus, Qualys).
• Excellent analytical, communication, and problem‑solving skills.
• Relevant certifications (e.g., OSCP, CEH, CISSP) preferred.