Application Security Analyst I

Why Choose Bottomline?

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation - we want you on our team!

Job Summary    

As an Application Security Analyst, you will play a key role in maintaining our exceptionally high application security standards, established to protect Bottomline’s products and services. This role reports to the Head of Product Security and is responsible for supporting Product teams in our on-going work to identify, assess and mitigate security risks associated with application development and deployment.   
 

Essential Functions and Responsibilities:  

• Perform secure code assessments (SAST, DAST, SCA) on applications to identify vulnerabilities and weaknesses. 

• Partner with Penetration Testing team to design and execute effective threat modeling on key products and services.  

• Collaborate with Development teams to identify and quantify application security risks, and develop mitigation plans to promote secure coding practices and compliance with key security controls. 

• Security Governance – work closely with Development teams, Security Architecture and GRC teams to ensure products are built and maintained in accordance with the required security patterns 

• Information Security Polices and Standards – Partner with the information security GRC team to influence continuous enhancements to information security polices and standards.   

  Required Experience & Qualifications 

• 3+ years of experience in Application Security 

• Bachelor’s degree in Computer Science, Information Security, or a related field. 

• Proven experience in application security, penetration testing and application vulnerability assessments. 

• Strong understanding of secure coding practices, software development lifecycle (SDLC) and application security frameworks. 

• Knowledge of security tools and technologies such as OWASP, SAST, DAST and SCA 

• Excellent problem-solving skills and attention to detail 

• Strong communication and collaboration skills to work effectively with cross-functional teams. 

Preferred Experience & Qualifications 

• Cyber certifications (e.g., CISM, CISSP, CEH, GSEC, CASP+, CEH) or equivalent 

Note: This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the position. 

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.