Application Security Analyst
Role details
Job location
Tech stack
Job description
The Application Security Analyst is an entry-level role responsible for executing automated and manual security testing of Global Relay software and supporting the identification, triage and tracking of application vulnerabilities. Working under close guidance from senior members of the Application & Product Security team, you will help ensure Global Relay's applications and platforms are built and operated securely, with a focus on executing security tests, triaging findings and verifying fixes.
Works under close supervision on well-defined tasks; escalates ambiguous or higher-risk findings to senior team members., * Execute manual and automated security tests against web applications and APIs, following established test cases and methodologies.
- Reproduce and scope reported security issues to determine clear, repeatable steps.
- Collect the information needed from development teams ahead of security testing.
- Maintain and execute manual security test cases.
- Review and triage findings from SAST, DAST, SCA and container scanning tools, validating true positives and flagging impact and likelihood for senior review.
- Run and interpret scans using standard tooling (e.g. Burp Suite Pro, OWASP ZAP).
- Document test outcomes and verify that security fixes resolve the reported issue.
- Build competency in the OWASP Top 10, OWASP API/LLM and Mobile Top 10 and apply them to Global Relay applications.
- Learn the team's manual and automated testing tools.
- Support senior team members with assessment and test planning for upcoming releases.
- Help communicate security testing initiatives to development teams (e.g. test-case reviews, walkthroughs of new content).
- Improve test-case documentation and organisation and follow suggested improvements through to completion.
Requirements
- 0-2 years' hands-on experience in security testing, software testing or a related quality/engineering environment.
- Familiarity with internet and network fundamentals - TCP/IP, UDP, SMTP, HTTP/S, FTP/SFTP/FTPS; broader networking knowledge an asset.
- Working awareness of web application security concepts and the OWASP Top 10.
- Ability to write or modify simple scripts (e.g. Python, Bash) to support testing.
- Foundational understanding of common security tooling and controls.
- Excellent verbal and written communication skills; strong attention to detail and follow-up.
- A methodical, curious and creative approach to problem-solving.
- An entry-level security certification such as CompTIA Security+ (or working toward one) is an asset.
Global Relay is unable to offer visa sponsorship for this position. Candidates must have the right to work in the UK at the time of application.
Benefits & conditions
Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It's a place where you can genuinely make an impact - and be recognized for it.
We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.