Application Security Analyst - Boston Massachusetts

Company: Saxon Global
Location: Boston, Massachusetts
Posted On: 05/03/2024

Primary Responsibilities:
- Ensure that in-house and external applications for the business are reviewed to verify proper application design and security has been implemented
- Work closely with application development teams to ensure security is being considered from the earliest design stages into production
- Advise application development teams on ways to mitigate common and discovered vulnerabilities
- Track and keep an inventory of open vulnerabilities throughout the applications and work with teams to ensure they are properly mitigated and then closed
- Support development teams and DevOps in migration to new technologies (i.e. containers, api gateway, and the cloud) ensuring that our same level of security oversight is maintained
- Develop and maintain application security standards and SDLC standards informed by the results of threat modeling and work with specific application development teams to translate those into specific development requirements and user stories
- Read or create architecture diagrams and perform threat modeling with them; assist architecture and development teams with the creation of more secure systems
- Participate in architectural reviews and suggest improvements
- Acts as a technical advisor and subject matter expert to internal stakeholders and partners
- Knowledge in mitigating and addressing threat vectors including APT, DDoS, Phishing, Malicious Payload, Cloud, Mobile Device, Web Application.
- Function as advisor to product teams, providing practical advice on secure design, coding and testing including cloud technologies, practices, and processes
- Create threat models for new and existing software, assess vulnerabilities and provide mitigation recommendations to engineers
- Provide domain expertise in container security and public cloud technology


- Bachelor's Degree or equivalent technology business experience
- Minimum 3 - 5 years' experience in application security or equivalent role
- Excellent verbal and written communication skills
- Strong attention to detail and organizational skills
- Self-starter with the ability to work independently, interface with multiple teams, and willingness to overcome challenging problems while identifying opportunities for improvement.
- Ability to multi-task and context switch to work on multiple project requests in parallel.
- Must demonstrate a strong fundamental understanding of security
- Understanding of application security related vulnerabilities
- Proven history in secure development practices such as threat modeling, secure design, and secure code review/assessments
- Understanding of cloud security controls and the specific challenges in securing cloud-based solutions
- Competency in secure coding in multiple languages, including at least one scripted (e.g., Python, JavaScript, Ruby, PowerShell, Bash and/or PHP) and one compiled (e.g., C, C++, C#, .Net) language
- Understanding of and ability to communicate the techniques, tactics, and practices of an attacker to engineers and business stakeholders who are part of a globally dispersed team.
- Recognized industry certification and/or continuing education programs are a major plus More...

Register an account with us and set up job agents! We'll email you immediately when jobs like this are posted on our site.