StellantisThe Application Security Analyst will be responsible for working with application development team to analyze application code vulnerabilities and involved in running security scans which include but not limited to SAST, DAST, IAST, Mobile, and ad-hoc dynamic testing.
Also, Analyst will play role in extending WAF deployment for large number of applications. The candidate will play a key role in a major cybersecurity transformation initiative of "Shift left and Secure Early" as well as implementing additional security controls in SDLC.
The role entails taking responsibility of analyzing security vulnerabilities and capability to provide mitigation solutions to fix issues by writing secure code, providing guidance to application teams, and coordinating with cross functional teams across the platform.
Hands-on experience working with DevSecOps pipeline using CICD automation tools like Jenkins, TeamCity, GitLab, GitHub Action, Checkmarx, GitHub Advance Security, BurpSuite, and open-source tools.
Implement Application Cyber Security Controls/Policies and standards developed by Application Security Program.
Lead deployment of WAF for existing and new applications
Ability to demo security vulnerability to application teams.
Drive application security issues to a resolution.
Provide a clear guidance to application teams during vulnerability mitigation effort
Conduct application security assessment using standard Stellantis application security tools
Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status
Categorize and recommend assessment strategies for existing and new application development
Coach development and supplier teams on application security
Develop user training material and conduct training sessions
Bachelor's degree in computer science, Technology or other related field.
At least 3 years of application security analysis, testing and DevSecOps experience.
Understanding of application architectures, development methodologies, and programming languages.
Problem-solving skills and the ability to work both independently and as part of a team.
Technical writing and communication skills to articulate security risks and findings to both technical and non-technical audiences
Hands on experience reviewing application security secure code preferred in Java, C#, Python etc. popular programming languages.
Background experience with application development - compiled code, mobile applications, website design, web services
Hands on experience running SAST, DAST, IAST, SCA and Mobile scan
Knowledge of security and compliance frameworks like NIST and ISO
Understanding and experience in NIST SSDF or other secure software development frameworks
Knowledgeable in deployment of WAF tools such as Akamai, Cloudflare, Azure Front Door, and AWS WAF etc.
Knowledge of the OWASP Top 10 and mitigation strategies for each
Knowledge on techniques of web attacks, DDoS attacks and BOT attacks and management/mitigation controls.
Experienced with cloud platforms (AWS, Azure, GCP) and container frameworks
Knowledge of programming, scripting, and query languages such as Java, SQL, HTML, JavaScript
Prefer that candidates will have experience in scripting languages.
Preferable is candidate has GIAC GWEB, ISC2 CSSLP, EC-Council CASE or other comparable professional certificates
Our Benefits — Designed With You In Mind
Comprehensive Health & Well-being Coverage
From your very first day, you'll have access to medical, dental, vision, and prescription drug coverage — ensuring you and your family stay healthy and protected.
Also, our Employee Assistance Program (EAP) offers confidential support for personal and professional challenges, always ready when you need it.
We proudly support all paths to parenthood- including fertility and infertility treatments, adoption services, and gestational surrogacy.
We believe in work-life balance
17+ paid holidays, including shut-down from December 24th through New Years Day every year. Vacation, float & wellbeing days, sick time and fully paid parental leave when your family needs you most.
We Help You Plan For The Future With An employer match on contributions to your 401k, Roth, and Catch-Up plans An employer contribution, even if you don't contribute
Income Protection & Insurance Options
Benefit from both employer-provided and voluntary plan offerings, including life insurance, group accident, critical illness, etc. - supporting the needs of you and your family and ensuring peace of mind.
Eligible employees and their immediate families can participate in the company vehicle lease program, providing access to Stellantis vehicles with insurance, maintenance, and unlimited miles included.
Plus, take advantage of exclusive discounts on Stellantis products.
Support for Your Growth and Giving Back
We believe in investing in your future and your passions:
18 paid volunteer hours each year to make a difference in your community
When you join us, you're not just building a career — you're joining a company that supports you, inside and outside of work.
At Stellantis, we assess candidates based on qualifications, merit, and business needs. We welcome applications from all people without regard to sex, age, ethnicity, nationality, religion, sexual orientation, disability, or any characteristic protected by law.
We believe that diverse teams reflect our identity as a global company, enabling us to better address the evolving needs of our customers and care for our future.
EOE / Disability / Veteran
¿Te interesa este puesto?