Application Security Analyst
About KnowBe4
KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, is used by tens of thousands of organizations around the globe. KnowBe4 enables organizations to manage the ongoing problem of social engineering by helping them train employees to make smarter security decisions, every day.
Fortune has ranked us as a best place to work for women, for millennials, and in technology for four years in a row! We have been certified as a "Great Place To Work" in 8 countries, plus we've earned numerous other prestigious awards, including Glassdoor's Best Places To Work.
Our team values radical transparency, extreme ownership, and continuous professional development in a welcoming workplace that encourages all employees to be themselves. Whether working remotely or in-person, we strive to make every day fun and engaging; from team lunches to trivia competitions to local outings, there is always something exciting happening at KnowBe4.
The Application Security Analyst performs all procedures necessary to ensure the safety of information systems and applications and to protect the privacy, confidentiality, integrity, and availability of company and customer data by reviewing and investigating security alerts while having a proactive approach in assisting the infosec and engineering teams to develop secure applications.
Responsibilities:
- Responds to security alerts created across infosec alerting systems
- Escalates security alerts requiring further investigation
- Creates new security alerts and dashboards as needed
- Performs threat hunting across information security log feeds
- Creates Infosec policies,procedures, playbooks, and workflows
- Monitors for, investigates, and responds to security incidents
- Performs root cause analysis on identified vulnerabilities and identified incidents
- Conduct security reviews and penetration testing across company products and services as needed
- Conduct and assess the results of vulnerability scans and triage vulnerabilities across company products
- Stay informed on the latest vulnerabilities
- Conducts security, vulnerability and risk reviews of systems, applications, and source code through the use of various automated tools and manual testing procedures.
- Address security throughout the SDLC
- Review security findings from container scans, dependency checks and static code analysis tools.
- Manage the bug bounty program
- Perform security reviews of the source code
Requirements:
- Bachelor’s degree in information technology or a related field preferred
- Some experience in information security and IT.
- Has an understanding of infosec concepts such as: cloud infrastructure, application security, vulnerability scanning, penetration testing.
- Some experience with infosec testing tools and scripts.
- Familiar with application development concepts: servers, databases, coding, API’s, containers, logging, troubleshooting.
- Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows.
- Familiar with OWASP top 10 and MITRE ATT&CK Framework.
- Able to navigate the linux command line
- Strong verbal and written communications
- Excellent time management and organization skills
- Excellent Analytical skills
- An understanding of security best practices and frameworks such as NIST, ISO, and CIS
The base pay for this position ranges from $65,000 - $80,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above.
We will accept applications until 5/26/24.
Our Fantastic Benefits
We offer company-wide monthly bonuses, employee referral bonuses, 401k matching (US), fully paid medical insurance (US), open/generous paid time off (length varies by country), parental leave (length varies by country), adoption assistance, tuition reimbursement, certification reimbursement, certification completion bonuses, gym benefits, and a relaxed dress code - all in a modern, high-tech, and fun work environment. For more details about our benefits, visit www.knowbe4.com/careers/benefits.
Note: An applicant assessment and background check may be part of your hiring procedure.
Individuals seeking employment at KnowBe4 are considered without prejudice to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation or any other characteristic protected under applicable federal, state, or local law. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please visit www.knowbe4.com/careers/request-accommodation.
No recruitment agencies, please.