Senior Application Security Analyst

March 5

Apply Now

Receive Emails with Similar Jobs

biBerk Business Insurance

WebsiteLinkedInAll Job Openings

biBerk Business Insurance is a company that specializes in providing business insurance solutions tailored to various industries. They focus on protecting enterprises from targeted attacks and threats, particularly in the realm of cybersecurity. With a commitment to safeguarding organizations from phishing emails and malware, biBerk offers advanced insurance and security products designed to mitigate risks and ensure safe online operations.

Workers' Compensation Insurance • General Liability Insurance • Commercial Auto Insurance • Professional Liability Insurance • Errors and Omissions Insurance

51 - 200 employees

🔒 Cybersecurity

🤝 B2B

📋 Description

• Conduct security assessments of web applications, mobile applications, and APIs, including penetration testing, vulnerability scanning, and code reviews. • Identify and document security vulnerabilities, providing clear and actionable recommendations for remediation. • Collaborate with development teams to ensure that security best practices are integrated into the SDLC. • Participate in the development and implementation of application security policies, standards, and procedures. • Stay up-to-date on the latest application security threats, vulnerabilities, and attack techniques. • Research and evaluate new security tools and technologies. • Contribute to the development and delivery of security awareness training. • Monitor security alerts and logs, and respond to security incidents as needed. • Participate in security audits and compliance assessments. • Document and report on security findings and metrics. • Contribute to the continuous improvement of the application security program. • Provide thought leadership regarding secure coding practices and procedures.

🎯 Requirements

• Bachelor's or Master’s degree in Computer Science, Information Security, or a related field • 9+ years of experience in application security testing and vulnerability management • Ability to work independently and as part of a team • Strong analytical and problem-solving skills • Strong understanding of application security principles, including the OWASP Top 10 and SANS CWE Top 25 • Strong verbal and written communication skills, collaboration capabilities, and attention to detail • Experience working on large software development projects while collaborating across multiple agile teams • Ability to work from 8:00AM-4:30PM local time, this is currently a full-time remote position • Ability to respond to occasional after-hours requests • Ability to present to and influence decision makers through reasoned arguments. • Experience with various security testing tools, such as Burp Suite, OWASP ZAP, Checkmarx, Fortify SCA, or similar • Knowledge of common web application vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) • Experience with at least one programming language (preferably Javascript frameworks such as Angular, .Net Core services) and the ability to perform code reviews for security vulnerabilities • Familiarity with different software development methodologies (e.g., Agile, Waterfall) • Relevant security certifications, such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Web Application Security Analyst (GWAPT) (preferred) • Experience with mobile application security testing (preferred) • Knowledge of cloud security best practices (preferred) • Experience with DevSecOps practices (preferred) • Experience with threat modeling (preferred) • Experience with security incident response (preferred)

🏖️ Benefits

• Great work environment with growth opportunity • Competitive compensation • Generous amounts of vacation and sick time • Closed on major holidays • 401(k) with company match • A fantastic healthcare package • Tuition reimbursement after 6 months of employment