Senior/Lead Application Security Analyst - Progressive

Key Responsibilities

• Design and execute application security testing programs, including static and dynamic analysis, across enterprise applications.
• Perform detailed secure code reviews and provide remediation guidance to development teams.
• Develop threat models and risk assessments for new and existing applications, identifying design and implementation gaps.
• Serve as the subject‑matter expert on OWASP Top 10 and other industry standards, ensuring compliance throughout the software development lifecycle.
• Collaborate with DevOps and engineering teams to embed security controls into CI/CD pipelines (DevSecOps).
• Communicate findings, recommendations, and remediation status to stakeholders and senior leadership.

Requirements

• 5+ years of hands‑on experience in application security, including SAST and DAST tools.
• Proven expertise in secure code review for languages such as Java, .NET, JavaScript, or Python.
• Strong knowledge of threat modeling methodologies and OWASP Top 10 vulnerabilities.
• Experience integrating security into CI/CD pipelines and working in Agile/DevSecOps environments.
• Excellent communication skills with the ability to translate technical findings into actionable business recommendations.