Application Security Analyst

Insight Global is seeking an Application Security Analyst to join one of our clients' security team with focus on application security and vulnerability management. The ideal candidate will have knowledge of standards and practices for securing applications and APIs. This role will participate in efforts to identify, verify, report, and track vulnerabilities within their systems and applications. This role spans multiple domains, including desktop, mobile, web applications, and API infrastructure.

Position Responsibilities:

· Schedule and perform regular application tests.

· Conduct penetration tests on important software and systems.

· Test changes before they go live.

· Analyze and validate vulnerabilities.

· Track and report testing activities.

· Present findings to stakeholders.

· Maintain dashboards for vulnerabilities.

· Improve asset management processes.

· Enhance threat modeling.

· Review source code and identify duplicates.

· Use security testing tools (e.g., Veracode, Burp Suite).

· Automate security scans and integrate with CI/CD pipelines.

· Collaborate with developers to improve security practices.

· Support incident response and investigations.

· Perform various security tests (penetration, purple team, red team).

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Education & Experience:

· Degree in Computer Science or related field.

· Minimum 2 - 5 years of IT experience

· Self-starter, able to work independently and in teams.

Technical Skills:

· Strong understanding of internet architecture.

· Skilled in security testing (SAST, DAST, SCA, OWASP Top 10).

· Ability to verify vulnerabilities and manual testing.

· Familiar with security platforms (Checkmarx, AppScan, Fortify, Veracode, etc.).

· Experience with web services, JSON, and API testing.

· Conducting vulnerability assessments and communicating security issues.

· Proficient in programming (.NET, C, C#, Java, Python).

· Knowledge of OOP concepts and JavaScript (Node, React).

· 1-3 years of web development experience (HTML, ASP, ColdFusion, JSP, Node.js, React).

· Knowledge of pipeline integration and source code management (Jenkins, GitHub, etc.).

· knowledge of relational databases (SQL Server, MySQL).

· Ability to write and understand SQL.

· Basic knowledge of Azure.

· Experience with ServiceNow

· Threat modeling in SDLC

· Knowledge of cloud computing and DevOps tools (Azure DevOps, Kubernetes, Docker, Chef)

· Experience with cloud platforms (AWS, Google, Azure) and cloud security (Wiz, Prisma Cloud).

· Machine learning experience

· Experience with RPGLE, RPG-FREE application development

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.