Job Description
Insight Global is seeking an Application Security Analyst to join one of our clients' security teams with focus on application security and vulnerability management. This resource will be doing lots of API testing to aid in a migration project for the first year of the role. The ideal candidate will have knowledge of standards and practices for securing applications and APIs. This role will participate in efforts to identify, verify, report, and track vulnerabilities within their systems and applications. This role spans multiple domains, including desktop, mobile, web applications, and API infrastructure.
Key Responsibilities:
Schedule and perform regular application tests
Conduct penetration tests on important software and systems
Test changes before they go live
Analyze and validate vulnerabilities
Track and report testing activities
Present findings to stakeholders
Maintain dashboards for vulnerabilities
Improve asset management processes
Enhance threat modeling
Review source code and identify duplicates
Use security testing tools (e.g., Veracode, Burp Suite, Checkmarx, Postman)
Automate security scans and integrate with CI/CD pipelines
Collaborate with developers to improve security practices
Support incident response and investigations
Perform various security tests (penetration, purple team, red team)
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
Degree in Computer Science or related field.
Minimum 2 - 5 years of IT experience
Self-starter, able to work independently and in teams.
Technical Skills:
Robust API testing experience
Strong understanding of internet architecture.
Skilled in security testing (most importantly DAST and OWASP Top 10).
Ability to verify vulnerabilities and manual testing.
Familiar with security platforms (Checkmarx, AppScan, Fortify, Veracode, etc.).
Experience with web services, JSON, and API testing.
Conducting vulnerability assessments and communicating security issues.
Knowledge of pipeline integration and source code management (Jenkins, GitHub, etc.).
Knowledge of relational databases (SQL Server, MySQL).
Ability to understand SQL.
Basic knowledge of Azure. - Experience with Databricks
Threat modeling in SDLC
Knowledge of cloud computing and DevOps tools (Azure DevOps, Kubernetes, Docker, Chef)
Experience with cloud platforms (AWS, Google, Azure) and cloud security (Wiz, Prisma Cloud).
Machine learning experience
Experience with RPGLE, RPG-FREE application development
Any SAST or SCA experience
Proficient in programming (.NET, C, C#, Java, Python).
Knowledge of OOP concepts and JavaScript (Node, React).
1-3 years of web development experience (HTML, ASP, ColdFusion, JSP, Node.js, React).
