Information Technology Security Analyst

Recurring Decimal
Charlotte, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Charlotte, United States of America

Tech stack

Agile Methodologies
Software System Penetration Testing
Computer Security
Issue Tracking Systems
Open Web Application Security
Secure Coding
Software Engineering
Software Vulnerability Management
Enterprise Software Applications
Software Security
GWAPT
Devsecops
Api Management
Vulnerability Analysis

Job description

We are seeking a skilled IT Security Analyst with a strong background in application penetration testing to help protect and strengthen enterprise application ecosystem. This role will serve as a key liaison between internal development teams and external security testing partners, ensuring vulnerabilities are identified, remediated, and validated effectively., * Manage the end-to-end application penetration testing lifecycle, including planning, scheduling, execution, and retesting.

  • Coordinate with third-party penetration testing vendors and internal application development teams.
  • Review and validate penetration testing results, ensuring findings are accurate, prioritized, and actionable.
  • Track remediation efforts and conduct or coordinate retesting of resolved vulnerabilities.
  • Provide expert guidance to application developers on secure coding practices and vulnerability remediation.
  • Advise leadership on application security risks, trends, and mitigation strategies.
  • Ensure alignment with industry standards such as OWASP Top 10 and secure development best practices.
  • Maintain documentation of findings, risk assessments, and remediation status.

Requirements

  • 5-7 years of experience in IT security, with a focus on application security and penetration testing.
  • Strong understanding of application penetration testing methodologies and tools.
  • Deep familiarity with OWASP Top 10 vulnerabilities and mitigation techniques.
  • Experience working with external security vendors and managing testing engagements.
  • Ability to interpret technical findings and communicate risks to both technical and non-technical stakeholders.
  • Experience collaborating with application development teams in Agile or similar environments., * Hands-on penetration testing experience (web and/or API testing preferred).
  • Relevant certifications such as CEH, OSCP, GWAPT, or similar.
  • Familiarity with secure SDLC practices and DevSecOps methodologies.
  • Experience with vulnerability management platforms and ticketing systems.

Skills

  • Application Security and Penetration Testing
  • OWASP Vulnerability Analysis
  • Risk Assessment and Remediation Tracking
  • Cross-functional Collaboration
  • Communication and Stakeholder Management

Apply for this position