Application Security Analyst (Penetration Testing) - 100% remote available

Posted 10 days ago United States Salary undisclosed

Job Description

Why We Work at Dun & Bradstreet

We are at a transformational moment in our company journey - and we're so excited about it. Each day, we are finding new ways to strengthen our award-winning culture, and to accelerate creativity, innovation and growth. Our purpose is to help customers improve business performance with Dun & Bradstreet's Data Cloud and Live Business Identity, and we're wildly passionate and committed to this purpose. So, if you're looking to make an immediate impact at a company that welcomes bold and diverse thinking, come join us!

The Role

The Application Security Analyst will be part of D&B's Product Security team, which is responsible for ensuring secure software delivery of the D&B products.

We are seeking a driven and motivated Pen Tester to be a part of a newly formed Pen Testing team within our established App Sec practice. In this role, you will perform vulnerability assessments, penetration testing and code reviews, and implement DevSecOps practices to guide application teams and help them make their products more secure.

We have experienced tremendous growth and this is an exciting time to be a part of our journey! Come join a team in which you can learn and grow your skills within DAST/SAST and PenTesting!

*This role can be 100% remote (US only) or located in our Austin, TX/Center Valley, PA or Short Hills, NJ offices (hybrid schedule)

Responsibilities

- Conduct and perform vulnerability analyses on web and mobile applications.
- Perform dynamic application security testing (DAST) before applications are deployed in production.
- Perform Static Scanning (SAST) and triage results to advise development teams on remediation.
- Develop DevSecOps practices (configure SAST/DAST tools, Jenkins, etc.) by implementing key controls (SAST/DAST/SCA) in the SDLC.
- Identify and develop metrics/KPIs to show the progress of the overall application security program and identify opportunities for improvement.

Qualifications

- Bachelor's degree in Computer Science or other related fields of study
- 2+ years of working experience with PenTesting, DAST (Dynamic Scanning) and vulnerability assessment
- Proficiency in and understanding of: Burp Suite, OWASP Top 10, OWASP ZAP, NVD, CVSS scoring, application assessments
- Proficiency in at least one programming language (Python preferred)
- Strong technical acumen, communication and influence skills to demonstrate effectiveness of different application security initiatives

Pluses:

- Experience with project development, management, and tracking software (JIRA, Confluence, BitBucket, GitHub, etc.)
- Experience with security tools such as CheckMarx, Snyk, etc.

Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.

We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your requests for reasonable accommodation are made on a case-by-case basis.

Please note that all Dun & Bradstreet job postings can be found at and all communication from Dun & Bradstreet will come from an email address ending