FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Application Security Analyst
Sound PhysiciansApplication Security Analyst at Sound Physicians embedding security into software delivery lifecycle by integrating controls and assessments. Building secure practices while partnering with development teams.
Posted 7/16/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $75,000 - $110,000 per yearWebsite
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in application security, including secure coding practices, vulnerability management, and integration of security controls within CI/CD pipelines. Proficient in assessing security risks and providing remediation guidance while collaborating effectively with development and engineering teams.
Highest-signal resume keywords
Application SecurityDevSecOps PracticesCI/CD IntegrationCloud SecuritySecure Coding Practices
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
PythonPowerShellJavaJavaScriptC#GoApplication Security AssessmentsThreat ModelingVulnerability ManagementSecure Code Reviews
Soft Skills
Effective CommunicationCollaboration
Tools & Technologies
Azure DevOpsGitHub ActionsGitLab CIJenkinsVeracodeCheckmarxFortifySonarQubeSnykBurp Suite
Industry Keywords
OWASP Top 10MITRE ATT&CKNIST Cybersecurity FrameworkContainer SecurityInfrastructure-as-Code (IaC)
Tech Stack
Tools & technologiesAWSAzureCloudCyber SecurityDockerGoJavaJavaScriptJenkinsKubernetesOpenShiftPython
About the role
Key responsibilities & impact- Integrate security controls and automated checks into CI/CD pipelines, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), secret scanning, container security scanning, and Infrastructure-as-Code (IaC) validation
- Partner with developers and platform engineers to identify, prioritize, and remediate application, API, container, and cloud security risks early in the development lifecycle
- Perform application security assessments, architecture reviews, and threat modeling exercises for new and existing applications
- Conduct secure code reviews and provide guidance on secure coding practices aligned with OWASP Top 10, CWE, and industry standards
- Support vulnerability management by validating findings, reducing false positives, tracking remediation, and helping define risk-based service-level expectations
- Create and maintain documentation, standards, playbooks, and training materials related to application security, secure development, and DevSecOps practices
Requirements
What you’ll need- Bachelor’s degree in Computer Science, Information Security, or related field
- 4+ years of experience in application security, DevOps, cloud security, security engineering, or a related cybersecurity role
- Knowledge of scripting and programming languages such as Python, PowerShell, Java, JavaScript, C#, or Go is highly desirable and considered a plus
- Strong understanding of application security concepts, secure coding practices, and common attack vectors
- Familiarity with cloud platforms such as Azure and AWS
- Familiarity with CI/CD platforms such as Azure DevOps, GitHub Actions, GitLab CI, or Jenkins
- Knowledge of OWASP Top 10, OWASP API Security Top 10, MITRE ATT&CK, and NIST Cybersecurity Framework
- Familiarity with common static and dynamic application security tools
- Experience with application security platforms such as Veracode, Checkmarx, Fortify, SonarQube, Snyk, Mend, Burp Suite, Rapid7 InsightAppSec, or similar tools
- Experience securing containerized applications and platforms (Docker, Kubernetes, OpenShift, AKS, EKS, or GKE), including container image scanning, runtime security monitoring, admission controls, and Kubernetes security best practices
- Ability to analyze security findings, assess risk, and communicate remediation recommendations effectively to technical and non-technical stakeholders
- Familiarity with AI-assisted development processes and appropriate security controls
- Strong written and verbal communication skills
Benefits
Comp & perks- Medical insurance
- Dental insurance
- Vision insurance
- Health care and dependent care flexible spending account
- 401(k) retirement savings plan with a company match
- Paid time off (PTO) begins accruing immediately upon start date at a rate of 15 days per year, in accordance with Sound's PTO policy
- Ten company-paid holidays per year