Security Analyst - Application Security

About The Position

Requirements

• Knowledge of common application security concepts and vulnerability types (e.g., OWASP Top 10), with the ability to learn how they apply in real-world systems.
• Exposure to the Software Development Lifecycle (SDLC) and an interest in understanding where security fits into design, development, and testing activities.
• Ability to analyze information, follow defined security processes, and execute assigned security tasks with attention to detail.
• Strong analytical and problem-solving skills to help identify potential risks and support remediation efforts under guidance.
• Effective communication skills, with the ability to explain security findings, vulnerabilities, and risks in clear, approachable terms to developers, product managers, and non-security partners.
• Willingness to coach and educate partners on security processes and expectations, reinforcing consistent and repeatable security practices.
• Ability to work both independently on assigned tasks and collaboratively within cross-functional teams.
• Familiarity with Agile delivery concepts (e.g., Scrum, Kanban)
• Access Control (AC)
• Building Architecture
• Burp Suite
• Customer Solutions
• Disaster Recovery Planning
• Information Security
• Network Security
• Penetration Testing
• Physical Security
• Risk Assessments
• Security Technologies
• Threat Management
• Web Application Testing
• Analytical Thinking
• Effective Communications
• Information Assurance
• Information Security Management
• Information Security Technologies
• IT Environment
• IT Standards, Procedures & Policies
• IT Systems Management
• Problem Solving
• Software Security Assurance
• Bachelors degree
• 3+ years of relevant / direct industry experience

Nice To Haves

• Hands-on exposure to application security, secure coding concepts, or software development.
• Familiarity with security testing concepts or tools (e.g., vulnerability scanning results, SAST/DAST outputs), with the ability to learn tool usage on the job.
• Knowledge of security frameworks, standards, or best practices (e.g., OWASP, NIST), or strong interest in developing that knowledge.
• Exposure to cloud computing concepts or modern application architectures (e.g., APIs, microservices) is a plus.
• Entry-level or foundational security certifications (e.g., Security+, GIAC Fundamentals), or progress toward a relevant certification.
• Demonstrated interest in application security, product security, or secure software development through academic projects, personal learning, or prior roles.
• Strong documentation skills, with the ability to create clear notes, assessments, and evidence to support security processes and controls.

Responsibilities

• Provides technical evaluation and analysis.
• Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation.
• Performs investigation and data loss prevention, data manipulation, and coordination of activities.
• Performs actions to address or mitigate risks and vulnerabilities.
• Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations.
• Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion.
• Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently.
• Investigates and recommends corrective actions for data security related to established guidelines.

Benefits

• medical/prescription drug coverage (with a Health Savings Account feature)
• dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match
• pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives
• maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level; and years of service