Security Analyst

If you are looking for a meaningful career where people work and act with passion, rethink the existing and always strive to find the best solution - you have come to the right place. We develop future technologies to relentlessly make supply chains better. 

We are a leader in supply chain software solutions, helping organizations streamline operations, reduce costs, and improve efficiency.

Description

Infios is seeking a Security Analyst to join our Threat and Vulnerability Management (TVM) Team, who will be instrumental in building and maintaining security solutions within the organization to safeguard its systems and data.

This is a hands-on role for a security professional who is passionate about identifying, analyzing, and remediating application and AI-related security risks in close partnership with development and product teams.

You will play a key role in securing modern web applications, APIs, cloud-native services, and emerging AI/LLM-powered capabilities, while helping mature our secure development and AI security practices across the organization.

Key Responsibilities

Application Security & Vulnerability Management

· Scan vulnerabilities using industry-leading tools in applications and infrastructure.

· Conduct and manage DAST, SAST, and software composition analysis (SCA) activities.

· Analyze vulnerability scan results, validate findings, reduce false positives, and prioritize risk.

· Collaborate directly with development teams to assess identified vulnerabilities and deliver precise, actionable remediation recommendations.

· Track vulnerabilities through remediation and verify fixes.

· Act as a trusted AppSec advisor to engineering and product teams.

· Use expertise in OWASP Top 10 and common web application and API attack methods.

· Support secure development practices, threat modeling, and design reviews.

· Contribute to secure coding guidance, patterns, and best practices.

Automation & AI-Augmented Security

· Leverage AI-powered tools (e.g., Copilot-style tooling, AI-assisted scanners) to:

o Improve vulnerability analysis

o Accelerate triage and reporting

o Enhance testing efficiency

· Identify opportunities to automate repetitive security tasks and workflows.

· Contribute to continuous improvement of TVM and AppSec tooling and processes.

AI & LLM Security

· Lead and support security testing of AI and LLM-powered features across the organization.

· Assess and test for risks outlined in the OWASP Top 10 for LLM Applications.

· Help define and operationalize AI security testing strategies within the SDLC.

Required Qualifications

· 5+ years of experience in Application Security, Product Security, or Vulnerability Management

· Experience with cloud platforms like AWS, Azure, and OCI and CSPM tools (WIZ).

· Strong hands-on experience with DAST and SAST tools, Web Application and API Security Testing.

· Deep understanding of OWASP Top 10 and Secure SDLC principles.

· Excellent documentation and communication skills (both verbal and written).

· Analytical problem-solving skills and knowledge of application security architecture.

· Experience working directly with software development teams on remediation.

· Solid understanding of modern application architectures (REST APIs, microservices, cloud).

· Familiarity with OWASP Top 10 for LLMs.

Preferred / Nice-to-Have

· Experience testing or securing LLM-powered applications in production.

· Familiarity with security testing tools such as:

o Burp Suite, ZAP, Snyk, Semgrep, Checkmarx, Veracode, or similar

· Experience using AI to augment security testing or analysis.

· Strong scripting or automation skills (Python, Bash, etc.).

· Exposure to SOC 2 / ISO 27001 security controls related to AppSec.

Why join us?

At Infios, we're not just looking for employees; we're looking for partners in innovation, growth, and purpose. Meeting you where you are to create the future you need is at the core of who we are and what we do. Whether you're at the beginning of your career or a seasoned expert, we meet you on your journey, equipping you with the tools and opportunities to build the future you envision. Together, we will relentlessly work toward one common goal - making supply chains better.