This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

An application security analyst is a trained professional responsible for providing security assessments of applications and other software. The goal of these assessments is to protect organizations from hacking attempts and threats such as phishing, malware, and ransomware.

Under the direction of the Director for Cyber Security Operations, the Application Security Analyst is responsible for the implementation and management of several security tools and integrations at the KnitWell Group. This includes integrations and automation related to:

• DevSecOps
• Application vulnerability analysis
• Penetration testing
• Code analysis

The Application Security Analyst will use their strong knowledge and experience to advise and assist the organization on all related processes and projects. They will work with all other Engineers and application support teams, whether on-prem or remote, and other IT partners to ensure that all in-house developed Web Applications and related components, processes are efficient, reduce risk within the organization, and enable associates to work effectively and securely.

Qualifications

• Education and/or Certifications in Computer Science, Information Systems, or other related field, or equivalent work experience.
• 3-5+ years of IT work experience, with at least 2 years of experience working in Application security.
• Working experience with security testing tools (DAST, SAST, SCA).
• Hands-on experience with manual web application penetration testing (VAPT).
• Proficient in Burp suite and Kali Linux tools.
• Experience on API testing.
• Knowledge of secure coding practices/frameworks such as OWASP, SSDF.
• Strong knowledge of application security principles.
• Knowledge on Threat Modeling and DevSecOps.
• Strong working knowledge of IT Security best practices.
• Knowledge of policies and procedures; governance practices and control frameworks (ITIL); and regulatory obligations (SOX and PCI) as it relates to information systems.
• Familiarity with software development methodologies such as Agile or DevOps.
• Knowledge in any one programming languages such as Java, Python, or C++.
• Proficiency in some scripting languages (PowerShell, JavaScript, SQL, etc.).
• Understanding of various operating system platforms including Windows, UNIX, etc.
• Ability to interact with all levels of management.
• Must possess an understanding of the retail industry.
• Must possess an understanding of eCommerce infrastructure.

Benefits

• You will be eligible to receive a merchandise discount at select KnitWell Group brands, subject to each brand’s discount policies.
• Support for your individual development plus opportunities for career mobility within our family of brands.
• A culture of giving back – local volunteer opportunities, annual donation and volunteer match to eligible nonprofit organizations, and philanthropic activities to support our communities.
• Medical, dental, vision insurance & 401(K).
• Employee Assistance Program (EAP).
• Time off – paid time off & holidays.
• The target salary range for this role is: $100,000 – 115,000.