Application Security Analyst

Remote Full-time
About the position

CGI has an immediate need for a Application Security Analyst to join our team. This is an exciting opportunity to work in a fast-paced team environment supporting one of the largest customers. We take an innovative approach to supporting our client, working side-by-side in an agile environment using emerging technologies. We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!. This role is located at a client site in Reston, VA. A hybrid working model is acceptable.

The Application Security Analyst is responsible for identifying, assessing, and helping remediate security risks across modern applications, including web, API, and backend services. This role focuses on hands-on security testing, manual code reviews, and clear communication of risk to both technical and non-technical stakeholders. The analyst works closely with engineering and product teams to improve application security posture while ensuring findings are practical, prioritized, and aligned with business objectives.

Responsibilities
• Identifying, assessing, and helping remediate security risks across modern applications, including web, API, and backend services.
• Hands-on security testing
• Manual code reviews
• Clear communication of risk to both technical and non-technical stakeholders.
• Works closely with engineering and product teams to improve application security posture while ensuring findings are practical, prioritized, and aligned with business objectives.

Requirements
• 6+ years of professional experience in application security, penetration testing, or a closely related security role
• Strong hands-on experience conducting manual application security assessments, including secure code reviews and penetration testing
• Solid understanding of common application security vulnerabilities, exploitation methods, and mitigation techniques (e.g., OWASP Top 10)
• Proficiency with web security testing tools such as Burp Suite, OWASP ZAP, and other proxy, scanning, and fuzzing tools
• Experience performing manual source code reviews and identifying insecure coding practices across one or more programming languages
• Ability to assess vulnerability risk by considering exploitability, technical impact, and business context
• Skilled at documenting findings clearly, including evidence, root cause analysis, and actionable remediation guidance
• Comfortable explaining security risks and recommendations to both technical teams and business stakeholders
• Strong collaboration skills and the ability to work effectively with developers, architects, and product teams

Nice-to-haves
• Background in software development or familiarity with modern application architectures is a strong plus
• Relevant security certifications (such as GWAPT, OSCP, CEH, or similar) are preferred but not required

Benefits
• Competitive compensation
• Comprehensive insurance options
• Matching contributions through the 401(k) plan and the share purchase plan
• Paid time off for vacation, holidays, and sick time
• Paid parental leave
• Learning opportunities and tuition assistance
• Wellness and Well-being programs

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Food Delivery Driver - Dasher – Amazon Store

Remote

Fully Remote Part-Time RN - Registered Nurse

Remote

Provider Compensation Analyst - Remote in Michigan

Remote

Experienced Full Stack Data Entry Specialist – Remote Customer Service & Operations Team

Remote

Customer Service Associate - Remote - Delivering Exceptional Experiences in Home Automation and Concierge Services

Remote

Immediate Hiring: Need EXTERMINATOR in Cincinnati, OH

Remote

Apply Now: Field Account Manager (Northern California Market)

Remote

Immediate Hiring: Wayfair Call Center Jobs - VacancyGlobal

Remote

**Experienced Customer Support Agent – Tele-Recruiting and Donor Engagement**

Remote

Remote Data Entry Virtual Assistant – Flexible Part-Time Work From Home Opportunity with careerzynith

Remote
← Back