Application Security Analyst

Summary

Join GuidePoint Security as an Application Security Engineer and contribute to our team's success in helping clients implement and optimize their Application Security tools. You will run client SAST/DAST/SCA tools, review outputs, and provide recommendations. You will also perform manual assessments, code reviews, and tool integrations. This role requires at least six months of experience in an Application Security focused position and a solid understanding of SAST/DAST/SCA tools. A Bachelor's degree in Computer Science or Information Security is preferred, along with standard industry certifications. GuidePoint offers a remote-first work environment (U.S. based) with comprehensive benefits including health, dental, and vision insurance, paid time off, retirement plan eligibility, and more.

Requirements

• At least 6 months of experience working in an Application Security focused position supporting SAST/DAST/SCA tools
• Solid knowledge of manual testing tools such as Burp Suite Pro
• Knowledge of and experience with SAST/DAST/SCA Application Security tools such as: Burp Suite, Netsparker, Veracode, Checkmarx, WhiteSource, etc
• Experience with the integration of tools into development pipelines
• Understanding of a broad range of Application Security issues as well as their mitigation strategies
• Understanding of Application Security related vulnerabilities
• Written communication skills for written interactions with clients
• Strong communication skills that include the ability to clearly articulate thoughts and distill complex problems into digestible pieces of information
• Personal drive and passion to not only continue growing yourself but also the Application Security Engineering practice

Responsibilities

• Run client SAST/DAST/SCA tools, review outputs and provide recommendations
• Implement integrations for tools into pipelines, ticketing systems, etc
• Perform manual based assessments or application-focused pen testing
• Perform code reviews

Preferred Qualifications

• Experience with reviewing source code written in JavaScript, Python, Java, C++, PHP, or C# a plus
• Bachelor's degree in Computer Science or Information Security preferred
• Standard industry certifications are preferred

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option