Apply on Employer Site

Stellantis · 1 month ago

Application Security Analyst

Auburn Hills, MI

Full-time

Onsite

Senior Level

5+ years exp

Stellantis is seeking an Application Security Analyst to work with the application development team to analyze application code vulnerabilities and run security scans. The role involves extending WAF deployment, providing guidance on secure coding, and coordinating with cross-functional teams to implement security controls in the software development lifecycle.

AutomotiveIndustrial ManufacturingRetailTransportation

H1B Sponsor Likely

Responsibilities

Hands-on experience working with DevSecOps pipeline using CICD automation tools like Jenkins, TeamCity, GitLab, GitHub Action, Checkmarx, GitHub Advance Security, BurpSuite, and open-source tools

Implement Application Cyber Security Controls/Policies and standards developed by Application Security Program

Lead deployment of WAF for existing and new applications

Ability to demo security vulnerability to application teams

Drive application security issues to a resolution

Provide a clear guidance to application teams during vulnerability mitigation effort

Conduct application security assessment using standard Stellantis application security tools

Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status

Categorize and recommend assessment strategies for existing and new application development

Coach development and supplier teams on application security

Develop user training material and conduct training sessions

Qualification

Application Security AnalysisDevSecOps PipelineWAF DeploymentSASTDASTIASTSecure CodingNISTISO FrameworksCloud PlatformsProgramming LanguagesTraining DevelopmentTechnical WritingProblem-Solving SkillsCommunication SkillsTeam Collaboration

Required

Bachelor's degree in computer science, Technology or other related field

Strong understanding of application architectures, development methodologies, and programming languages

Problem-solving skills and the ability to work both independently and as part of a team

Technical writing and communication skills to articulate security risks and findings to both technical and non-technical audiences

Hands on experience running SAST, DAST, IAST, SCA and Mobile scans

Knowledge of security and compliance frameworks like NIST and ISO

Understanding and experience in NIST SSDF or other secure software development frameworks

Experienced and knowledgeable in deployment of WAF tools such as Akamai, Cloudflare, Azure Front Door, and AWS WAF etc

Knowledge of the OWASP Top 10 and mitigation strategies for each

Knowledge on techniques of web attacks, DDoS attacks and BOT attacks and management/mitigation controls for them

Experienced with cloud platforms (AWS, Azure, GCP) and container frameworks

Knowledge of programming, scripting, and query languages such as Java, SQL, HTML, JavaScript

At least 5 years of application security analysis, testing and DevSecOps experience

Preferred

Hands on experience reviewing application security secure code preferred in Java, C#, Python etc. popular programming languages

Prefer that candidates will have experience in scripting languages

Preferable is candidate has GIAC GWEB, ISC2 CSSLP, EC-Council CASE or other comparable professional certificates

Company

Stellantis

Glassdoor3.7

Stellantis is an Franco-Italian-American automotive holding company that manufactures automobiles.

Founded in 2021

Hoofddorp, Noord-Holland, NLD

10001+ employees

https://www.stellantis.com/

H1B Sponsorship

Stellantis has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (2)

2024 (3)

2023 (2)