Security Vulnerability Analyst
Leeds, West Yorkshire
Do you have a strong understanding of web applications, how they function and an interest in information security or vulnerability management?
If so, we have a unique opportunity to join a cutting-edge cyber security software company and help our B2B customers protect themselves from malicious hackers.
AppCheck develops information security software for end user clients and resellers. Our cloud-based service provides companies with exceptional vulnerability detection and reporting services for their web applications and hosting infrastructure; allowing them to identify and fix the software vulnerabilities that hackers look to exploit.
Reporting into our Service Delivery Lead, you will play a crucial role in efficiently triaging, investigating, and resolving queries and requests from customers on our vulnerability scanning platform. This will involve leveraging your web application knowledge, technical investigation of reported issues, command-line investigative tooling, setting up customer and trial scans, investigate customer applications to optimise scans, uncovering report false positives, and answering technical questions around vulnerability types and scan results, as well as some UI bug investigation.
How You'll Do It...
- Investigate and respond to vulnerability queries and customer issue reports
- Provide advice to customers and internal stakeholders on vulnerability remediation, across web application, networking and cloud/server-less technologies
- Use command-line and GUI tooling, as well as leveraging SIEM platform and logs for incident investigation
- Work with developers and software engineers to improve vulnerability scanning and reporting tools, techniques and reports via bug reports and feature requests
- Assist customers in leveraging our vulnerability scanning platform for maximal value
- Ensuring that any system issues or outages are proactively reported to customers via status updates
- Deliver on required SLOs, KPIs and OLAs to deliver on customer commitments
Who We're Looking For:
- Web application knowledge from either an Operations, Monitoring, Incident Management, Security, Vulnerability Management, Sysadmin, DevOps, Support or related background
- Sound understanding of network/infrastructure and firewall, proxy and WAF behaviours; internet operation, the Internet protocol suite (TCP/IP) and HTTP protocol
- An understanding of web application security weaknesses and vulnerabilities
- An understanding of single page applications, asynchronous request handling, partial page updates, and AJAX
- Experience of Infrastructure and Web Application Scanning tools (e.g. Burp Suite, Qualys, Nessus)
- Scripting and Linux command line (curl, nmap, etc)
- Experience with a support ticket system (ZenDesk, JIRA, SalesForce ServiceCloud)
- Scripting or basic coding skills (any language, but we use mainly Python)
- Experience with and an understanding of REST APIs
What's In It For You?:
- Join a thriving software company in the cyber security industry!
- Be part of an advanced technology company as we enjoy substantial growth
- Above market rate salary
- Pension scheme
- Gym member or Westfield health benefit
- Remote working options (happy to discuss any set up but aiming for a blended and flexible approach)
- Relaxed and light-hearted company culture
As part of our commitment to information security and our ISO 27001 accreditation, please note that upon acceptance of an employment offer with AppCheck, you will undergo pre-employment checks including criminal record (DBS), employment & references as well as verification of Right to Work in the UK.
So, if you're seeking your next challenge as a Security Vulnerability Analyst, please apply via the button shown. This vacancy is being advertised by Webrecruit. The services advertised by Webrecruit are those of an Employment Agency.