Country/Region:  US
Requisition ID:  36924
Work Model:  Hybrid
Position Type:  Contract
Salary Range: 
Location:  US - NJ - BIRLASOFT OFFICE

Title:  Contractor

Description: 

Area(s) of responsibility

Job Description – Application Security Analyst

This role is ideal for a security professional who can represent Information Security during project planning and implementation, ensuring that security requirements are embedded into new initiatives from inception through deployment.

Position: Application Security Analyst
Experience: 10 Years
Location: Hybrid / Onsite - NYC, NY

Job Summary

We are seeking an experienced Application Security Analyst to act as the Information Security representative (proxy) for new business and technology initiatives. The role will be responsible for evaluating security requirements, conducting architecture and risk reviews, ensuring compliance with enterprise security standards, and providing security guidance throughout the project lifecycle.

Key Responsibilities

  • Serve as the Information Security (IS) representative/proxy for new initiatives, projects, and technology implementations.
  • Participate in project discussions, architecture reviews, and design workshops to identify security risks and required controls.
  • Perform security assessments, threat modeling, and risk analysis for new applications, systems, and infrastructure solutions.
  • Review application and system architectures to ensure alignment with security policies, regulatory requirements, and industry best practices.
  • Provide security recommendations related to authentication, authorization, encryption, network security, and data protection.
  • Partner with business, application development, infrastructure, cloud, and third-party vendors to integrate security requirements early in the project lifecycle.
  • Review security exceptions and recommend risk mitigation strategies.
  • Support governance, risk, and compliance activities, including audit and regulatory requirements.
  • Evaluate cloud and on-premises solutions for security risks and control effectiveness.
  • Track remediation of identified security gaps and vulnerabilities.

Required Skills

  • Strong experience in Application Security, Security Architecture, or Information Security Consulting.
  • Experience conducting security architecture reviews, threat modeling, and risk assessments.
  • Knowledge of secure software development practices and application security controls.
  • Understanding of security frameworks such as NIST, ISO 27001, CIS Controls, and OWASP Top 10.
  • Experience with cloud security concepts across AWS, Azure, or GCP.
  • Strong understanding of:
    • Encryption and Key Management
    • Secure SDLC
    • Vulnerability Management
  • Ability to communicate security risks and recommendations to both technical and business stakeholders.

Preferred Qualifications

  • Experience in financial services, banking, or highly regulated environments.
  • Familiarity with security governance, regulatory compliance, and audit processes.
  • Certified Ethical Hacker (CEH) – Mandatory

Key Competencies

  • Understanding of Security Architecture
  • Application Security
  • Threat Modeling & Risk Assessment
  • Secure Design & Governance