Application Security Analyst
Job in Auburn, Lee County, Alabama, 36831, USA
Listed on 2026-06-08
Listing for: Stellantis
Full Time position
Job specializations:
- IT/Tech
- Cybersecurity
Job Description & How to Apply Below
This role focuses on identifying, analyzing, and mitigating application security vulnerabilities throughout the SDLC. It supports a broader “Shift Left” cybersecurity strategy, ensuring security is integrated early in development and reinforced through DevSecOps practices.
Application Security & Testing
- Perform security testing: SAST, DAST, IAST, mobile security, and dynamic testing
- Analyze vulnerabilities and recommend secure coding fixes
- Demonstrate vulnerabilities to development teams
- Drive remediation efforts to closure
- Work within CI/CD pipelines using tools such as:
- Jenkins, GitLab, GitHub Actions, TeamCity
- Checkmarx, GitHub Advanced Security, Burp Suite
- Integrate security controls into development workflows
- Lead Web Application Firewall (WAF) deployment for new and existing apps
- Implement application security policies, controls, and standards
- Partner with development, platform, and supplier teams
- Provide clear remediation guidance
- Train teams on secure coding and application security practices
- Develop training materials
- Conduct security assessments using standard tools
- Track and report:
- Risks
- Milestones
- Deliverables
- Status updates
- Recommend strategies based on application risk posture
This role is based in Auburn Hills, MI and is required to be on-site in our HQ building 5 days per week.
Basic Qualifications
- Bachelor’s degree in Computer Science, Information Technology, or related field
- 3+ years of hands‑on experience in application security, security testing, and DevSecOps
- Strong understanding of:
- Application architectures (web, mobile, APIs)
- Software development methodologies (Agile, SDLC)
- Modern programming languages (Java, C#, Python)
- Experience performing and interpreting results from:
- SAST, DAST, IAST, SCA, and mobile security testing tools
- Hands‑on experience with secure code review in common languages (Java, C#, Python preferred)
- Prior background in application development, including:
- Compiled code
- Web applications / services
- Mobile app development
- Knowledge of security frameworks and standards:
- NIST, ISO 27001
- NIST SSDF or similar secure development frameworks
- Strong understanding of:
- OWASP Top 10 vulnerabilities and mitigation techniques
- Common attack vectors (web exploits, DDoS, bot attacks)
- Experience with WAF technologies:
- Akamai, Cloudflare, AWS WAF, Azure Front Door
- Familiarity with cloud platforms and modern environments:
- AWS, Azure, GCP
- Containers (Docker, Kubernetes)
- Working knowledge of:
- Programming/scripting: Java, JavaScript, SQL, HTML
- Scripting languages (Python, Bash preferred)
- Strong analytical, problem‑solving, and communication skills
- Ability to explain technical risks to non‑technical audiences
- Experience writing security reports and documentation
- Ability to work independently and cross‑functionally
- Industry certifications:
- GIAC GWEB
- ISC2 CSSLP
- EC-Council CASE
- Or equivalent AppSec certifications