Application Security Analyst

Exceed the expectations of our residential mortgage borrowers & business partners through superior service, simple processes, and effective communications.

We deliver on this mission by empowering our employees by encouraging and recognizing superior performance and innovative solutions, by promoting teamwork and divisional cooperation.
 

POSITION SUMMARY

Detail-oriented and technically proficient Application Security Analyst to join our cybersecurity team. This role is critical in ensuring the security and integrity of our applications through proactive monitoring, analysis, and testing. Requires a strong foundation in application security principles and hands-on experience with modern security tools and methodologies

DESCRIPTION

Duties and Responsibilities

• Perform in-depth analysis of application logs to identify anomalies and potential security threats.
• Monitor and configure Web Application Firewalls (WAF) to detect and mitigate web-based attacks.
• Conduct Static Application Security Testing (SAST) to identify vulnerabilities in source code.
• Execute Dynamic Application Security Testing (DAST), both manually and through automation, to assess runtime behavior and security posture.
• Triage and escalate security alerts, ensuring timely and accurate incident response.
• Evaluate and test the security of Application Programming Interfaces (APIs), including penetration testing and vulnerability assessments.
• Collaborate with development and operations teams to integrate security best practices throughout the software development lifecycle (SDLC).
• Maintain documentation of findings, remediation efforts, and security improvements.
• Performs related duties as assigned by management.

Qualifications and Education Requirements

• Bachelor's degree in Cybersecurity, Information Technology, or a related field is preferred.
• 3-5 years of experience in application security, cybersecurity, or a related discipline.
• Proficiency with tools such as Burp Suite, OWASP ZAP, Fortify, or similar.
• Strong understanding of OWASP Top 10 and secure coding practices.
• Experience with log analysis platforms and SIEM tools.
• Familiarity with API security standards (e.g., OAuth, JWT, OpenAPI).
• Excellent analytical, communication, and documentation skills.

Skills, Abilities, and Knowledge

• Strong verbal communication skills; strong writing and composition abilities.
• Strong interpersonal skills with the ability to develop and maintain effective relationships across the organization.
• Strong influencing and negotiation skills; consultative and collaborative work style.
• High learning agility with the ability to learn and integrate business variables and learn new systems and platforms.
• Strong analytical skills & problem-solving abilities; solid decision-making abilities coupled with sound judgment.
• Effective at managing multiple priorities under tight deadlines in a fast-paced, dynamic environment.
• Self-directed and comfortable working with ambiguity and uncertainty.
• High degree of professional maturity, integrity, ability to maintain confidential data and information.
• High degree of business acumen; strong technical aptitude.
• Relevant certifications such as OSCP, GWAPT, CEH, or CSSLP.
• Experience with CI/CD pipeline integration for security testing.
• Knowledge of cloud-native application security (AWS, Azure, or GCP).
• Exposure to threat modeling and risk assessment frameworks.

REVISION HISTORY

Last Updated: 7/16/2025

Additional Information:

While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.

All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator. Employment will be contingent on this requirement.

Company Benefits:

Newrez is a great place to work but we are only as strong as our greatest asset, our employees, so we believe in rewarding them!

• Medical, dental, and vision insurance

• Health Savings Account with employer contribution

• 401(k) Retirement plan with employer match

• Paid Maternity Leave/Parental Bonding Leave

• Pet insurance

• Adoption Assistance

• Tuition reimbursement

• Employee Loan Program

• The Newrez Employee Emergency and Disaster Fund is a new program to support our team members

Newrez NOW:

• Our Corporate Social Responsibility program, Newrez NOW, empowers employees to become leaders in their communities through a robust program that includes volunteering, philanthropy, nonprofit grants, and more

• 1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice

• Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee

• Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions

Equal Employment Opportunity 
We're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.

CA Privacy Policy

CA Notice at Collection