Application Security Analyst- Remote (Anywhere in the U.S.)

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions and minimize risk. Using a holistic three-tiered approach, GuidePoint evaluates security postures and ecosystems, enabling top organizations such as Fortune 500 companies and U.S. government agencies to identify threats, optimize resources, and implement effective risk mitigation solutions.

Our Application Security services include assessments for various application types (web, mobile, IoT, thick client), Threat Modeling, Source Code Reviews, Architecture Reviews, Program Management, Secure Development Training, and SDLC Implementation.

The Application Security Analyst will join our elite team to deliver these services, perform engagements, communicate with clients, produce reports, and provide thought leadership. You will focus on challenging projects, solving complex problems, and helping clients enhance their Application Security capabilities. Our offerings evolve with industry trends and emerging risks.

• Assist in delivering Application Security services, including assessments, Threat Modeling, Source Code Reviews, Architecture Reviews, Training, and SDLC support.
• Help author assessment reports tailored to technical and managerial audiences, detailing technical findings, deficiencies, business impacts, and remediation strategies.
• Contribute to Application Security research projects.
• Participate in marketing activities such as conference speaking, blogging, whitepapers, webinars, and tool development.
• Utilize automation, scripting, and orchestration to improve efficiency and enable new capabilities.
• Continuously develop relevant skills and knowledge to stay current in the industry.
• Build and maintain client relationships by providing support and information.
• Maintain a strong desire to learn, adapt, and grow within a rapidly evolving company.
• Perform additional duties as assigned.

• Experience with testing tools like Burp Suite, Postman, Netsparker, sqlmap, DirBuster, OpenSSL, etc.
• Experience reviewing source code in languages such as JavaScript, Python, Java, C++, PHP, or C#.
• Operational DevSecOps experience is preferred.
• Community involvement (conference speaking, blogging, podcasts) is strongly preferred.
• Industry certifications are a plus.
• Minimum 1 year of experience performing Application Security assessments or with an understanding of them.
• At least 1 year in an enterprise consulting role.
• Over 4 years of combined IT and security experience is preferred.
• Operational (non-consulting) experience is highly valued.

Note: We use Greenhouse for applicant tracking and Zoom for scheduling. Please check your spam folder for updates.

GuidePoint Security is a rapidly growing, profitable, private company focusing on Information Security. Since 2011, we've expanded to over 1,000 employees, partnered with leading security vendors, and serve over 4,200 customers.

Our core values drive our success and workplace culture. Our knowledgeable team members are eager to collaborate, mentor, and support each other's growth.

This is a unique opportunity to advance your career with one of the nation's fastest-growing companies.

• Primarily remote work (U.S. only; some travel or on-site work may be required for certain roles)
• Health insurance options, including PPO and HSA plans, with company contributions
• Dental insurance fully paid for employees, partial for families
• 12 holidays plus Flexible Time Off
• Mobile phone and internet allowances
• Retirement plan eligibility after 2 months
• Pet benefits