Application Security Analyst

January 9, 2024
Apply Now

Job Description

About Roshan Telecom (TDCA):

Roshan Telecom (TDCA) is a prominent player in the telecommunications industry, committed to providing cutting-edge solutions. We are currently seeking a highly skilled and motivated individual to join our team as an Application Security Analyst.

Job Description:

1. Security Assessments:

  • Conduct regular security assessments of web and mobile applications to proactively identify vulnerabilities and weaknesses.
  • Collaborate closely with development teams to prioritize and implement remediation of identified security issues.

2. Code Review and Analysis:

  • Perform thorough static and dynamic code analysis to pinpoint security vulnerabilities in application code.
  • Offer guidance and best practices to developers for secure coding.

3. Security Testing:

  • Plan and execute penetration testing on applications to discover and exploit security vulnerabilities.
  • Work collaboratively with developers to validate and verify the effectiveness of remediation efforts.

4. Security Requirements and Design Review:

Actively participate in the review of application requirements and designs to ensure seamless integration of security best practices from the early stages of development.

5. Security Tool Management:

Manage and maintain application security testing tools and stay abreast of industry trends and advancements in application security technologies.

6. Documentation:

Create and maintain comprehensive documentation related to application security assessments, findings, and recommendations.

Job Requirements:

Academic Qualification:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • Certification: WEB-300, GIAC Mobile Device Security Analyst (GMOB), or equivalent.

Experience:

Minimum 3 years of experience in application security, information technology, or a related field.

Skills and Competences:

  • Proven experience as an Application Security Analyst or in a similar role.
  • Familiarity with programming languages (e.g., Java, Python, JavaScript, C#) and web application frameworks.
  • In-depth knowledge of application security best practices, OWASP Top 10, and secure coding principles.
  • Experience with security testing tools, such as WAF (Web Application Firewall), Burp Suite, OWASP ZAP, or similar.
  • Certifications like Certified Ethical Hacker (CEH), eLearn Security Web Application Penetration Tester (eWPT), eLearn Security Web Exploitation Expert (eWPTX), eLearn Security Mobile Application Penetration Tester, WEB-300, or similar are a plus.
  • Strong analytical and problem-solving skills.
  • Effective communication skills to convey complex security issues to both technical and non-technical stakeholders.
Submission Guideline:

Interested candidates should forward their applications to hr@roshan.af.

Submission Email:

hr@roshan.af

Read Also: Planning and Partnership Manager