ZipRecruiter

Log In

1

Application Security Analyst Jobs (NOW HIRING)

SciTec

Application Security Engineer

Boulder, CO · On-site

$61 - $81.50/hr

Identify, analyze, and help remediate application vulnerabilities * Support software engineers in integrating security considerations into system and application designs * Integrate and maintain ...

SciTec

Application Security Engineer

Boulder, CO · On-site

$61 - $81.50/hr

Identify, analyze, and help remediate application vulnerabilities * Support software engineers in integrating security considerations into system and application designs * Integrate and maintain ...

SciTec

Application Security Engineer

Boulder, CO

$61 - $81.50/hr

Identify, analyze, and help remediate application vulnerabilities * Support software engineers in integrating security considerations into system and application designs * Integrate and maintain ...

Quantix

Security Analyst

Alameda, CA

Security Analyst Location: Alameda, CA Type: Direct Hire Company located in Alameda, CA has an ... This position will also sit on various project teams to ensure that application security is ...

Quantix

Security Analyst

Alameda, CA

Security Analyst Location: Alameda, CA Type: Direct Hire Company located in Alameda, CA has an ... This position will also sit on various project teams to ensure that application security is ...

MANTECH

Application Security Engineer

Hanover, MD

$58 - $77.25/hr

The Application Security (AppSec) Engineer will leverage their strong technical background and ... analysis . Responsibilities include but are not limited to: * Utilizing, fine-tuning, and ...

MANTECH

Application Security Engineer

Hanover, MD

$58 - $77.25/hr

The Application Security (AppSec) Engineer will leverage their strong technical background and ... analysis . Responsibilities include but are not limited to: * Utilizing, fine-tuning, and ...

next page

Showing results 1-20

People also search for

All JobsApplication Security Analyst Jobs

Application Security Analyst information

See salary details

$35K

$83.6K

$139K

How much do application security analyst jobs pay per year?

As of Jun 6, 2026, the average yearly pay for application security analyst in the United States is $83,617.00, according to ZipRecruiter salary data. Most workers in this role earn between $64,500.00 and $94,000.00 per year, depending on experience, location, and employer.

What are Application Security Analysts?

Application Security Analysts are professionals responsible for identifying and mitigating security vulnerabilities in software applications. They assess applications for risks by performing code reviews, vulnerability assessments, and penetration testing. Their role includes working with development teams to ensure security best practices are followed throughout the software development lifecycle. Application Security Analysts also help develop security policies, provide training, and respond to security incidents related to applications.

What are some common challenges faced by Application Security Analysts when collaborating with development teams?

Application Security Analysts often encounter challenges in aligning security best practices with fast-paced development cycles. Ensuring that security recommendations are integrated early without delaying product releases requires strong communication and a collaborative approach with developers. Analysts must balance advocating for robust security measures while understanding development constraints, and often need to translate technical vulnerabilities into clear, actionable guidance for non-security professionals. Building trust and fostering a culture of shared responsibility for security helps overcome these challenges.

What are the key skills and qualifications needed to thrive as an Application Security Analyst, and why are they important?

To thrive as an Application Security Analyst, you need a strong understanding of secure coding practices, vulnerability assessment, and information security principles, often supported by a degree in computer science or related certifications like CISSP or CEH. Familiarity with tools such as static and dynamic application security testing (SAST/DAST), penetration testing suites, and security information and event management (SIEM) systems is essential. Analytical thinking, attention to detail, and effective communication are critical soft skills for identifying risks and collaborating with development teams. These competencies are vital to proactively identifying vulnerabilities, minimizing risks, and ensuring robust application security in evolving technology environments.

What is the difference between Application Security Analyst vs Security Engineer?

AspectApplication Security AnalystSecurity Engineer
CertificationsCompTIA Security+, CISSP, CEHCISSP, CEH, Security+
Work EnvironmentFocus on application vulnerabilities, code reviews, and security assessmentsDesigns and implements security infrastructure, manages security tools
Industry UsageCommon in software development and IT teamsFound in cybersecurity teams across various industries
Primary FocusIdentifying and mitigating application security risksBuilding and maintaining security systems and protocols

While both roles involve cybersecurity, Application Security Analysts primarily focus on securing software applications through assessments and vulnerability management. Security Engineers work on developing and maintaining security infrastructure, ensuring overall organizational security. Both roles are essential in a comprehensive cybersecurity strategy but differ in scope and daily responsibilities.

What cities are hiring for Application Security Analyst jobs? Cities with the most Application Security Analyst job openings:
Who are the top companies hiring for Application Security Analyst jobs? The top employers for Application Security Analyst jobs are:
What states have the most Application Security Analyst jobs? States with the most job openings for Application Security Analyst jobs include:
Infographic showing various Application Security Analyst job openings in the United States as of May 2026, with employment types broken down into 25% Full Time, and 75% Contract. Highlights an 50% In-person, and 50% Hybrid job distribution, with an average salary of $83,617 per year, or $40.2 per hour.
Application Security Engineer

Application Security Engineer

ConsultNet Technology Services and Solutions

Rockville, MD • On-site

$60 - $80/hr

Full-time

Posted 2 days ago

Job description

Job Summary:
ConsultNet Technology Services and Solutions is a premier national provider of technology talent and solutions. They are seeking a Senior Application Security Engineer responsible for designing, implementing, and advancing application security practices across the Software Development Life Cycle (SDLC), partnering closely with engineering, DevOps, and security teams.
Responsibilities:
• Perform application security assessments, manual penetration testing, and vulnerability validation using tools such as Burp Suite and other proxy/security testing tools.
• Analyze and triage findings from SAST, DAST, IAST, IaC, and secrets detection tools to identify, prioritize, and support remediation of security vulnerabilities.
• Partner with engineering teams to integrate security controls and testing into CI/CD pipelines in support of DevSecOps initiatives.
• Conduct secure code reviews and leverage GenAI-enabled security tooling to improve scalability and efficiency of application security analysis.
• Evaluate, recommend, and implement application security tools and technologies, including emerging capabilities related to automated code analysis and cloud security.
• Perform AWS configuration and cloud security reviews to ensure adherence to security best practices and compliance standards.
• Develop and maintain documentation related to security findings, remediation activities, risk assessments, and compliance requirements.
• Contribute to the development, interpretation, and enforcement of application security policies, standards, and procedures.
• Support enterprise security compliance initiatives and participate in audit and risk management activities.
• Deliver security awareness training and educate developers and QA engineers on common application security risks, secure coding practices, and remediation techniques.
• Stay current on emerging threats, vulnerabilities, attack techniques, and security technologies to continuously improve the organization's security posture.
Qualifications:
Required:
• Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or a related technical field.
• 5+ years of experience in cybersecurity with a strong focus on application security.
• Hands-on experience with SAST, DAST, IAST, and related application security testing methodologies and tools.
• Strong understanding of OWASP Top 10 vulnerabilities, secure coding principles, and remediation strategies.
• Experience performing manual penetration testing and application vulnerability assessments.
• Proficiency in one or more programming or scripting languages such as Java, Python, or JavaScript.
• Experience integrating security tooling into CI/CD pipelines using platforms such as Jenkins and GitLab.
• Strong knowledge of security engineering concepts including authentication, authorization, cryptography, network security, and secure application architecture.
• Experience with AWS cloud security concepts, services, and configuration reviews.
• Excellent communication skills with the ability to collaborate effectively across engineering and security teams.
Preferred:
• Background in software engineering or application development.
• Familiarity with GenAI-assisted security tooling and automated code analysis solutions.
• Experience with Infrastructure as Code (IaC) security scanning and secrets management tools.
• Experience conducting infrastructure or application-level vulnerability testing and security auditing.
• Industry certifications such as: GWAPT, OSWE, Burp Suite Certified Practitioner, CISSP, CSSLP
• Experience supporting enterprise DevSecOps transformation initiatives.
Company:
ConsultNet is a talent solutions company that helps businesses solve complex challenges by integrating talent, technology, and scalable delivery models. Founded in 1996, the company is headquartered in South Jordan, USA, with a team of 201-500 employees. The company is currently Growth Stage.

Apply