×
Register Here to Apply for Jobs or Post Jobs. X

Senior Application Security Analyst

Job in 411001, Pune, Maharashtra, India
Listing for: ZS Associates
Full Time position
Listed on 2026-07-01
Job specializations:
  • IT/Tech
    Cybersecurity, Cloud Computing: Infrastructure & Operations, Data Security, Security Manager
Job Description & How to Apply Below
ZS    is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by  bringing together data, science, technology  and  human ingenuity  to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide.

ZSers drive impact by bringing a  client-first mentality  to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS.

What you'll do:
Senior Application Security Analyst  in the  Enterprise  will be responsible for Implementing Dev Sec Ops  Practices across cloud environments & mature ZS's Application Security Program. This role requires strategic and out-of-box thinking, high technical expertise, and effective communication skills to proactively identify and address security risks.
Support the implementation of Dev Sec Ops  practices by integrating security tools and controls into CI/CD pipelines across development and staging environments.
Collaborate with developers, SREs, and security teams to incorporate security checks during build, deployment, and runtime phases.
Configure and operate security scanning tools such as SAST, DAST, SCA, container security, and IaC scanning (e.g., Sonar Qube, Checkmarx, Snyk, Trivy, Terraform Scan).
Review and analyze findings from security scans, assist in validating vulnerabilities, and help reduce false positives.
Work with development teams to remediate identified vulnerabilities and track fixes to closure.
Assist in maintaining CI/CD pipelines (e.g., Team City, AWS-based pipelines) with embedded security controls.
Contribute to 'shift-left' initiatives by helping implement reusable pipeline components and security checks.
Monitor and report on security issues in applications, containers, and cloud environments.
Support the creation of documentation, guidelines, and basic training materials for secure development practices.
Stay updated with common application security vulnerabilities, tools, and Dev Sec Ops  best practices.
Collaborate with Application Security teams to support vulnerability triage, basic threat modeling activities, and secure coding practices.
Provide day-to-day support to developers and teams on resolving security issues and tool usage

What you'll bring:
Bachelor's in computer science /management of computer information/information assurance or  Cybersecurity
3-5+ years of Dev Sec Ops  / Secure Dev Ops /Security Engineer/ Application & Cloud Security roles
Preferred

Certifications:

CSSLP / AWS CLP / AWS Certified Solutions Architect / AWS Security Specialty
Expertise in implementing Dev Sec Ops  practices in cloud-native CI/CD pipelines (e.g., Git Lab CI, Git Hub Actions, Jenkins, Team City, Azure Dev Ops, Bit-Bucket).
Strong hands-on experience with application security tools such as Sonar Qube, Fortify, Checkmarx, Snyk, Veracode, Black Duck, Burp Suite, OWASP ZAP.
Knowledge of containerization and orchestration security (Docker, Kubernetes, Helm) and tools like Trivy, Kube-bench, and Aqua.
Working knowledge of  programming/scripting languages  like Python, Java, JavaScript, C#, .Net or go.
Familiarity with cloud-native security controls (AWS Security Hub, Azure Defender, GCP Security Command Center).
Strong scripting skills in Python, Bash, or Power Shell for automation and tool integration.
Ability to develop and enforce security guardrails, policies, and standards in automated and scalable ways.
In-depth understanding of OWASP, CWE, CVE scoring, and secure SDLC methodologies.
Solid understanding of emerging threats and vulnerabilities
Fluency in English
Client-first mentality
Intense work ethic
Collaborative spirit and problem-solving approach
How you'll grow:
Cross-functional skills development & custom learning pathways
Milestone training programs aligned to career…
Position Requirements
10+ Years work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary