Application security analyst

Checkmarx is the enterprise application security leader and the host of Checkmarx One™ — the industry-leading cloud-native AppSec platform that helps enterprises build #DevSecTrust.

Description

Checkmarx is the leader in application security and ensures that enterprises worldwide can secure their application development from code to cloud.

Who are we?

Our consolidated platform and services address the needs of enterprises by improving security and reducing TCO, while simultaneously building trust between AppSec, developers, and CISOs.

At Checkmarx, we believe it’s not just about finding risk, but remediating it across the entire application footprint and software supply chain with one seamless process for all relevant stakeholders.

We are honored to serve more than 1,800 customers, which includes 40 percent of all Fortune 100 companies.

What are we looking for?

The Checkmarx Security Research group seeks an experienced, curious, detail-oriented Application Security Analyst to join our team in Braga.

Your role will include an in-depth understanding of vulnerabilities and how they occur in the code, from open-source libraries to proprietary code, and involvement with the entire security research group.

• Analyze source code containing various security risks & vulnerabilities written in multiple languages/frameworks.
• Analyze results produced by Checkmark’s AST solutions that can include SAST, DAST, IaC, and other engines.
• Collaborate with other areas in the group, such as SCA and SCS.
• Supervise required technical components and collaborate with the required teams.
• Engage in proactive interactions with Product and R&D teams to align the security aspect of new features and product enhancements.
• Research ways to improve internal processes and promote relevant product features.
• Be at the forefront of the Application Security world: Discover and report Application Security trends. Suggest new ideas and write publications on new vulnerabilities and relevant topics.
• Develop Python scripts and tools for research purposes and automation.
• Leverage the latest technological trends for optimizing processes, including AI.

Requirements

What is needed to succeed?

• Passionate about security and keen on growing in the security field.
• 1-2 years of experience as an analyst or researcher.
• 1-2 years of experience in a similar role in the security field.
• Familiar with key AppSec concepts, such as understanding security concepts, vulnerabilities, and secure coding practices.
• Have a deep understanding of the OWASP Top 10.
• Experience with Python scripting/programming.
• Familiarity with both interpreted and compiled languages, and the ability to learn new programming languages and technologies independently.
• Basic experience in conducting security research, bug bounties, and Pentesting.
• Excellent writing and oral presentation skills in English.
• Customer-oriented mindset and driven by innovation.

What we have to offer

Checkmarx offers a great work environment, professional development, challenging careers, competitive compensation, great work-life balance, as well as great benefits and perks throughout the year.

Checkmarx is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender, sexual orientation, gender identity or expression, age, disability, or other characteristics protected by law.