More jobs:
Cyber Security Analyst III - App Security & Vulnerability; Remote
Remote / Online - Candidates ideally in
Raleigh, Wake County, North Carolina, 27601, USA
Listed on 2026-07-01
Raleigh, Wake County, North Carolina, 27601, USA
Listing for:
First Citizens Bank
Remote/Work from Home
position Listed on 2026-07-01
Job specializations:
-
IT/Tech
Cybersecurity, Data Security, Information Security
Job Description & How to Apply Below
Cyber Security Analyst
This is a remote role in NC, AZ, and TX.
We are seeking a highly skilled Cyber Security Analyst with a strong background in application security and vulnerability management. This role focuses on identifying, analyzing, and mitigating security risks across software development pipelines using SAST, DAST, and SCA tools. The ideal candidate combines hands-on technical expertise with knowledge of modern security practices and emerging technologies, including AI/ML.
Responsibilities- Perform static (SAST), dynamic (DAST), and software composition analysis (SCA) to identify vulnerabilities in applications and third-party components
- Analyze scan results, triage findings, and prioritize remediation efforts based on risk
- Partner with development teams to remediate vulnerabilities and improve secure coding practices
- Conduct regular security assessments and vulnerability scans across applications and environments
- Validate and reproduce vulnerabilities, including false positive elimination
- Track and report vulnerability metrics, risk trends, and remediation progress
- Configure, deploy, and maintain security scanning tools (e.g., Checkmarx, Veracode, Fortify, Snyk, Burp Suite, OWASP ZAP)
- Automate security testing processes using scripting or APIs
- Improve scanning efficiency and coverage through tuning and optimization
Bachelor's Degree and 6 years of experience in Information Security OR High School Diploma or GED and 10 years of experience in Information Security
Required Qualifications
- Hands-on experience with:
- SAST, DAST, and SCA tools
- Web application security testing (OWASP Top 10, API security)
- Strong understanding of:
- Secure software development lifecycle (SDLC / Dev Sec Ops )
- Common vulnerabilities (e.g., injection, XSS, authentication flaws)
- Proficiency in one or more programming/scripting languages (e.g., Python, Java, JavaScript, Bash)
- Experience interpreting and prioritizing scan results and remediation plans
Preferred Qualifications
- Experience integrating security tools into CI/CD pipelines (e.g., Jenkins, Git Hub Actions, Azure Dev Ops)
- Familiarity of container and cloud security (AWS, Azure, GCP)
- Familiarity with AI/ML concepts and security implications
- Industry certifications such as: CEH, Security+, SSCP, GIAC or comparable.
Key Skills
- Strong analytical and problem-solving skills
- Provide risk-based recommendations to stakeholders
- Ability to communicate technical findings to both technical and non-technical stakeholders
- Experience working cross-functionally with development and engineering teams
- Attention to detail with a risk-based security mindset
Nice-to-Have Experience
- API security testing tools (Postman, SoapUI)
- AI-assisted security tooling (e.g., anomaly detection, code analysis assistants)
- Knowledge of regulatory frameworks (NIST, ISO 27001, SOC
2) - AI/ML & Emerging Technologies
- Leverage AI/ML-based security tools for enhanced detection and analysis
- Assess risks related to AI/ML models (e.g., data poisoning, model inversion, adversarial attacks)
- Participate in securing AI-driven applications and data pipelines
- Threat Analysis & Risk Management
- Assess potential threats and attack vectors relevant to applications and APIs
- Apply threat modeling techniques (e.g., STRIDE) during development lifecycle
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×