CrawlJobs Logo
Checkmarx Logo Checkmarx · IT - Software Development

Application Security Analyst

Portugal, Braga · Job Posted April 16, 2026
Apply Position
Job Link Share

Job Description

The Checkmarx Security Research group seeks an experienced, curious, detail-oriented Application Security Analyst to join our team in Braga. Your role will include an in-depth understanding of vulnerabilities and how they occur in the code, from open-source libraries to proprietary code, and involvement with the entire security research group. On one hand, you will get familiar with our family of security products, such as SAST, DAST, SCA, SCS, and others. On the other hand, your work can include scripting and leveraging AI to automate and improve processes, researching and supporting the development of new product features, identifying 0-day vulnerabilities, and staying up to date with the latest Application Security trends. Apart from the Security Research group, you will collaborate with multiple Teams, including Product Management, R&D, and others.

Job Responsibility

  • Analyze source code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Collaborate with other areas in the group, such as SCA and SCS
  • Supervise required technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
  • Leverage the latest technological trends for optimizing processes, including AI

Requirements

  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst or researcher
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Customer-oriented mindset and driven by innovation

What we offer

  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
Checkmarx - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Application Security Analyst

8 matching positions

Application Security Analyst

The Checkmarx Security Research group seeks an experienced, detail-oriented Appl...
Location
Location
Israel , Ramat Gan
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passionate about security and keen on growing in the security field
  • 1-2 years of experience as an analyst
  • 1-2 years of experience in a similar role in the security field
  • Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices
  • Have a deep understanding of the OWASP Top 10
  • Experience with Python scripting/programming
  • Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently
  • Basic experience in conducting security research, bug bounties, and Pentesting
  • Excellent writing and oral presentation skills in English
  • Ability to handle multiple requests and work in a fast-paced environment
Job Responsibility
Job Responsibility
  • Assist the SCA analysts in conducting vulnerability analysis of known open-source software vulnerabilities to identify affected libraries and other elements, such as the affected vulnerable code
  • Analyze code containing various security risks & vulnerabilities written in multiple languages/frameworks
  • Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines
  • Supervise the technical components and collaborate with the required teams
  • Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements
  • Research ways to improve internal processes and promote relevant Product features
  • Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics
  • Develop Python scripts and tools for research purposes and automation
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Application Security Analyst

An application security analyst is a trained professional responsible for provid...
Location
Location
United States
Salary
Salary:
100000.00 - 115000.00 USD / Year
anntaylor.com Logo
Ann Taylor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Education and/or Certifications in Computer Science, Information Systems, other related field, or equivalent work experience
  • 3-5+ years of IT work experience, with at least 2 years of experience working in Application security
  • Working experience with security testing tools (DAST, SAST, SCA)
  • Hands on experience with manual web application penetration testing (VAPT)
  • Proficient in Burp suite and Kali Linux tools
  • Experience on API testing
  • Knowledge of secure coding practices/frameworks such as OWASP, SSDF
  • Strong knowledge of application security principles
  • Knowledge on Threat Modeling and DevSecOps
  • Strong working knowledge of IT Security best practices
Job Responsibility
Job Responsibility
  • Conduct application security assessments to identify and mitigate security risks
  • Perform DAST scans for the internal and external applications
  • Conduct end-to-end Pentest engagement for E-commerce applications
  • Perform False positive analysis for vulnerabilities from scan results
  • Analyze the security risks and create vulnerability report with recommendations
  • Work collaboratively with cross-functional teams to identify and solve complex security problems
  • Work on ad hoc SAST scan requests and vulnerability analysis
  • Participate in incident response activities and provide technical guidance on security-related incidents
  • Develop and maintain technical documentation related to application security
What we offer
What we offer
  • Merchandise discount at select KnitWell Group brands
  • Support for individual development plus opportunities for career mobility
  • A culture of giving back – local volunteer opportunities, annual donation and volunteer match to eligible nonprofit organizations, and philanthropic activities
  • Medical, dental, vision insurance & 401(K)
  • Employee Assistance Program (EAP)
  • Time off – paid time off & holidays
  • Fulltime
Read More
Arrow Right

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location
Location
India , Chennai, Bangalore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work Experience 3 to 6 years
Job Responsibility
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
Read More
Arrow Right

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Security Analyst

The Security Analyst is responsible for assessing security events, findings, ins...
Location
Location
United States
Salary
Salary:
60000.00 USD / Year
digitalmediasolutions.com Logo
Digital Media Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 1-2 years of relevant security experience
  • Security+ certification or equivalent knowledge, skills, abilities (KSAs) is recommended
  • Fundamental knowledge and technical experience with AWS is required
  • Familiarity with Security Information and Event Management (SIEM) tools is a plus
  • Demonstrated critical thinking and problem-solving skills
  • Familiar with system troubleshooting practices and methodologies
  • Excellent written, verbal and interpersonal communication skills
  • Ability to work successfully with teams on multiple projects
  • Collaborative approach/attitude
Job Responsibility
Job Responsibility
  • Review, analyze and respond to security events and findings from system and application logging and security tools
  • Conduct initial response and first-level troubleshooting for malware and phishing incidents
  • Conduct basic security/vulnerability assessments to include scanning/auditing resources, analyzing results and creating tickets as needed for responsible teams
  • Assist technology leadership with security incident handling
  • Assist with Security Awareness training
  • Assist in Vendor Risk Assessments
What we offer
What we offer
  • Medical, dental, vision insurance
  • Wellness and mental health benefits
  • Tax-Advantaged health care accounts
  • Financial and income protection benefits (Life insurance, 401(k), short-term disability)
  • Paid time off (PTO), holidays and sick time off
  • Remote worker assistance for wellness and home office
  • Fulltime
Read More
Arrow Right

Information Security Lead Analyst

As part of Citi Infrastructure Defense team, the analyst position will participa...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience with multiple security disciplines and strong understanding of layered defense concepts
  • Deep understanding of TCP/IP technologies and knowledge of network routing protocols
  • Experience defining enterprise security strategy and ecosystem across diverse products
  • Strong hands on experience with firewall and proxy technologies (Bluecoat, Squid, NGINX)
  • Large Scale Network and Security design experience is essential
  • Work with and understand regulatory and risk management requirements
  • Strong unix / linux experience
  • Scripting (Python/Perl/Bash)
  • University / College degree in any STEM area or equivalent industry/technology knowledge
Job Responsibility
Job Responsibility
  • Identify opportunities to automate and standardize information security controls
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup
What we offer
What we offer
  • Opportunity to work on the internal security posture for a large financial and thus shaping the industry overall
  • Exposure to a broad range of investment technology businesses and products
  • Access to our word class testing lab with physical hands on using hundreds of devices in the IT security ecosystem
  • Fulltime
Read More
Arrow Right

Cyber Security-Fraud Analyst

The L2 Support Fraud Detection Senior Analyst is a pivotal team member responsib...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Tools: Octoflow, Mosaic
  • conduct investigations and reporting using Octoflow and Mosaic platforms
  • provide recommendations based on analytics derived from these tools
  • support secure integration of APIs and web services within fraud detection platforms
  • liaise with developers to validate and enhance security features in applications
  • analyse and correlate logs using SIEM solutions to identify and remediate suspicious activity
  • respond to real-time alerts and participate in threat hunting operations
  • integrate threat intelligence feeds into operational systems
  • regularly update detection mechanisms in response to emerging risks
  • lead and document the resolution of escalated fraud incidents
Job Responsibility
Job Responsibility
  • Conduct investigations and reporting using Octoflow and Mosaic platforms
  • provide recommendations based on analytics derived from these tools
  • support secure integration of APIs and web services within fraud detection platforms
  • liaise with developers to validate and enhance security features in applications
  • analyse and correlate logs using SIEM solutions to identify and remediate suspicious activity
  • respond to real-time alerts and participate in threat hunting operations
  • integrate threat intelligence feeds into operational systems
  • regularly update detection mechanisms in response to emerging risks
  • lead and document the resolution of escalated fraud incidents
  • collaborate with cross-functional teams for swift containment, investigation, and recovery
What we offer
What we offer
  • Inclusive and respectful work environment
  • positions open to people with disabilities.
  • Fulltime
Read More
Arrow Right

Information Security Analyst

Location
Location
United States
Salary
Salary:
Not provided
sygnasolutions.com Logo
Sygna Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ Yrs Experience
  • Minimum of a bachelor’s degree in computer science or equivalent
  • Strong experience with Identity Lifecycle Management (Provisioning, De-provisioning and JML flows)
Job Responsibility
Job Responsibility
  • Integrated different kind of applications like connected mode and disconnected mode applications
  • Application Onboarding (Provisioning/De-provisioning), Birthright Provisioning, Application and Workflows
  • Configuring of workflows in Saviynt IAM tool
  • System, Rule Management, User Provisioning, Access Certification
  • Configured technical rules and user update rules
  • Configured SMPT server, email templates and UI branding
  • Build and Configure SailPoint tasks like aggregation, ID refresh, schedule tasks
  • Implemented Certification Exclusion Rule to excuse certification items from certification List
  • Implemented Customization Rule to identify the uncorrelated accounts or dormant accounts
  • Developed custom Build Map Rules, Correlation Rules and having knowledge Workflows as per the business needs
  • Fulltime
Read More
Arrow Right