Application Security Analyst (Remote)

The Application Security Analyst performs all procedures necessary to ensure the safety of information systems and applications and to protect the privacy, confidentiality, integrity, and availability of company and customer data by reviewing and investigating security alerts while having a proactive approach in assisting the infosec and engineering teams to develop secure applications.

Responsibilities:

• Responds to security alerts created across infosec alerting systems
• Escalates security alerts requiring further investigation
• Creates new security alerts and dashboards as needed
• Performs threat hunting across information security log feeds
• Creates Infosec policies,procedures, playbooks, and workflows
• Monitors for, investigates, and responds to security incidents
• Performs root cause analysis on identified vulnerabilities and identified incidents
• Conduct security reviews and penetration testing across company products and services as needed
• Conduct and assess the results of vulnerability scans and triage vulnerabilities across company products
• Stay informed on the latest vulnerabilities
• Conducts security, vulnerability and risk reviews of systems, applications, and source code through the use of various automated tools and manual testing procedures.
• Address security throughout the SDLC
• Review security findings from container scans, dependency checks and static code analysis tools.
• Manage the bug bounty program
• Perform security reviews of the source code

Requirements:

• Bachelor's degree in information technology or a related field preferred
• Some experience in information security and IT.
• Has an understanding of infosec concepts such as: cloud infrastructure, Application Security, vulnerability scanning, penetration testing.
• Some experience with infosec testing tools and scripts.
• Familiar with application development concepts: servers, databases, coding, API's, containers, logging, troubleshooting.
• Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows.
• Familiar with OWASP top 10 and MITRE ATT&CK Framework.
• Able to navigate the linux command line
• Strong verbal and written communications
• Excellent time management and organization skills
• Excellent Analytical skills
• An understanding of security best practices and frameworks such as NIST, ISO, and CIS

The base pay for this position ranges from $65,000 - $80,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above.

Remote positions open to the US only. #ZR

As part of the SET team, you will develop and implement highly scalable testing frameworks that meet our remarkably high standards of quality, performance, and reliability.

Responsibilities:

• Develops automated testing software using the KnowBe4 Software Development Lifecycle and Agile Methodologies
• Recommends solutions to engineering problems
• May act as team section lead for larger sub-projects or entire, small projects

Minimum Qualifications:

• BS or equivalent plus 3 years experience
• MS/Ph.D. or equivalent plus no experience
• 3-5+ Years of software development or software engineering in test experience
• 3-5+ Years of professional C# experience
• 1-3+ Years of professional automation methodologies, tools, and practices experience
• Solid hands-on Object-oriented Programming (OOP) experience
• Solid understanding of software design patterns and anti-patterns
• Solid hands-on experience implementing dependency injection and inversion of control patterns
• Solid hands-on experience implementing REST or GraphQL-based micro-services
• Solid understanding of relational database structures, indexes, theories, principles, and practices
• Solid organizational skills, tracking multiple test executions simultaneously and ability to synthesize multiple results concurrently
• Demonstrated experience within the software industry, software test engineering concepts and processes
• Able to leverage structured formats like JSON, YAML, XML, and related technologies to build scalable, testable RESTful applications
• Able to deal well with ambiguous/undefined problems; ability to think abstractly

The base pay for this position ranges from $115,000-$127,500, which will vary depending on how well an applicant's skills and experience align with the job description listed above.

We will accept applications until 5/26/24.