Application Security Analyst

About us

KnitWell Group, a specialty retail operating company, comprises some of the most iconic brands in America – Ann Taylor, Chico's, Haven Well Within, Lane Bryant, LOFT, Soma, Talbots, White House Black Market. Individually, our brands are unique and strong. Together, we are powerful.

Our common thread is our commitment to create exceptional products, provide memorable experiences, and achieve superior results. Our associates are innovators who thrive through collaboration and are dedicated to excellence. At the heart of it all are the customers we serve. We are dedicated to creating fashion that not only looks good but also makes our customers feel good.

Application Security Analyst

About the role

An application security analyst is a trained professional responsible for providing security assessments of applications and other software. The goal of these assessments is to protect organizations from hacking attempts and threats such as phishing, malware, and ransomware.

Under the direction of the Director for Cyber Security Operations, the Application Security Analyst is responsible for the implementation and management of several security tools and integrations at the KnitWell Group. This includes integrations and automation related to DevSecOps, application vulnerability analysis, penetration testing and code analysis. The Application Security Analyst is always looking at ways to improve and recommend changes.

The Application Security Analyst will use their strong knowledge and experience to advise and assist the organization on all related processes and projects. They will work with all other Engineers and application support teams, whether on prem or remote, and other IT partners to ensure that all in-house developed Web Applications and related components, processes are efficient, reduce risk within the organization, and enable associates to work effectively and securely.

The impact you can have

• Conduct application security assessments to identify and mitigate security risks
• Perform DAST scans for the internal and external applications.
• Conduct end-to-end Pentest engagement for E-commerce applications.
• Perform False positive analysis for vulnerabilities from scan results.
• Analyze the security risks and create vulnerability report with recommendations.
• Work collaboratively with cross-functional teams to identify and solve complex security problems.
• Work on ad hoc SAST scan requests and vulnerability analysis.
• Participate in incident response activities and provide technical guidance on security-related incidents
• Develop and maintain technical documentation related to application security

You’ll bring to the role

• Education and/or Certifications in Computer Science, Information Systems, other related field, or equivalent work experience.
• 3-5+ years of IT work experience, with at least 2 years of experience working in Application security.

• Working experience with security testing tools (DAST, SAST, SCA).
• Hands on experience with manual web application penetration testing (VAPT).
• Proficient in Burp suite and Kali Linux tools.
• Experience on API testing.
• Knowledge of secure coding practices/frameworks such as OWASP, SSDF
• Strong knowledge of application security principles
• Knowledge on Threat Modeling and DevSecOps.
• Strong working knowledge of IT Security best practices
• Knowledge of policies and procedures; governance practices and control frameworks (ITIL); and regulatory obligations (SOX and PCI) as it relates to information systems.
• Familiarity with software development methodologies such as Agile or DevOps
• Knowledge in any one programming languages such as Java, Python, or C++
• Proficiency in some scripting languages (PowerShell, JavaScript, SQL, etc.)
• Understanding of various operating system platforms including Windows, UNIX, etc.
• Ability to interact with all levels of management.
• Must possess an understanding of the retail industry.
• Must possess an understanding eCommerce infrastructure.

Benefits

• You will be eligible to receive a merchandise discount at select KnitWell Group brands, subject to each brand’s discount policies.
• Support for your individual development plus opportunities for career mobility within our family of brands.
• A culture of giving back – local volunteer opportunities, annual donation and volunteer match to eligible nonprofit organizations, and philanthropic activities to support our communities.*
• Medical, dental, vision insurance & 401(K).*
• Employee Assistance Program (EAP).
• Time off – paid time off & holidays.*
• The target salary range for this role is: $100,000 – 115,000*

• Any job offer will consider factors such your qualifications, relevant experience, and skills. Eligibility of certain benefits and associate programs are subject to employment type and role.

This position works remotely. Occasional travel to a company office may be required.

Applicants to this position must be authorized to work for any employer in the US without sponsorship. We are not providing sponsorship for this position.

#LI-MJ1

Location:

Corporate ascena – Remote

Position Type:

Regular/Full time

Equal Employment Opportunity

The Company is an equal opportunity employer and welcomes applications from diverse candidates. Hiring decisions are based upon a candidate's qualifications as they relate to the requirements of the position under consideration and are made without regard to sex (including pregnancy), race, color, national origin, religion, age, disability, genetic information, military status, sexual orientation, gender identity, or any other category protected by applicable law. The Company is committed to providing reasonable accommodations for job applicants with disabilities. If you require an accommodation to perform the essential duties of the position you are seeking or to participate in the application process, please contact [email protected]. The Company will make reasonable accommodations for otherwise qualified applicants or employees, unless such accommodations would impose an undue hardship on the operations of the Company’s business. The Company will not revoke or alter a job offer based on an applicant’s request for reasonable accommodation.