Application Security Analyst

About the role

We are looking for a motivated Application Security Analyst to join our Information Security team. You will work across the software development life cycle to ensure that web, mobile, and API applications are built and deployed with robust security controls.

Key responsibilities

• Perform security reviews of applications at every phase of the SDLC.
• Conduct security testing on web and mobile applications (frontend and backend).
• Assess and secure REST and SOAP APIs, focusing on authentication, authorization, and data validation.
• Identify, analyze, and report security vulnerabilities.
• Collaborate with development teams to remediate security issues.
• Utilize security testing tools such as SAST, DAST, SCA, and manual testing techniques.
• Execute mobile application security assessments for Android and iOS platforms.
• Follow industry best practices and standards, including OWASP guidelines.

Required profile

• At least 1 year of experience in application security or cybersecurity.
• Solid understanding of the Software Development Life Cycle (SDLC).
• Hands‑on experience with API security testing.
• Familiarity with common web and mobile vulnerabilities (e.g., XSS, SQL injection, insecure storage, improper authentication).
• General knowledge of how applications are built and integrated.

Required skills

• SAST, DAST, SCA, manual security testing.
• API security testing (REST/SOAP).
• Mobile security testing for Android and iOS.
• OWASP guidelines.
• Understanding of XSS, SQL injection, insecure storage, authentication and authorization flaws.