Senior Application Security Analyst

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS.
What you'll do: Senior Application Security Analyst in the Enterprise will be responsible for Implementing DevSecOps Practices across cloud environments & mature ZS's Application Security Program. This role requires strategic and out-of-box thinking, high technical expertise, and effective communication skills to proactively identify and address security risks.

• Support the implementation of DevSecOps practices by integrating security tools and controls into CI/CD pipelines across development and staging environments.
• Collaborate with developers, SREs, and security teams to incorporate security checks during build, deployment, and runtime phases.
• Configure and operate security scanning tools such as SAST, DAST, SCA, container security, and IaC scanning (e.g., SonarQube, Checkmarx, Snyk, Trivy, Terraform Scan).
• Review and analyze findings from security scans, assist in validating vulnerabilities, and help reduce false positives.
• Work with development teams to remediate identified vulnerabilities and track fixes to closure.
• Assist in maintaining CI/CD pipelines (e.g., TeamCity, AWS-based pipelines) with embedded security controls.
• Contribute to "shift-left" initiatives by helping implement reusable pipeline components and security checks.
• Monitor and report on security issues in applications, containers, and cloud environments.
• Support the creation of documentation, guidelines, and basic training materials for secure development practices.
• Stay updated with common application security vulnerabilities, tools, and DevSecOps best practices.
• Collaborate with Application Security teams to support vulnerability triage, basic threat modeling activities, and secure coding practices.\
• Provide day-to-day support to developers and teams on resolving security issues and tool usage

What you'll bring:

• Bachelor's in computer science /management of computer information/information assurance or Cybersecurity
• 3-5+ years of DevSecOps / Secure DevOps /Security Engineer/ Application & Cloud Security roles
• Preferred Certifications: CSSLP / AWS CLP / AWS Certified Solutions Architect / AWS Security Specialty
• Expertise in implementing DevSecOps practices in cloud-native CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Jenkins, TeamCity, Azure DevOps, Bit-Bucket).
• Strong hands-on experience with application security tools such as SonarQube, Fortify, Checkmarx, Snyk, Veracode, BlackDuck, Burp Suite, OWASP ZAP.
• Knowledge of containerization and orchestration security (Docker, Kubernetes, Helm) and tools like Trivy, Kube-bench, and Aqua.
• Working knowledge of programming/scripting languages like Python, Java, JavaScript, C#, .Net or go.
• Familiarity with cloud-native security controls (AWS Security Hub, Azure Defender, GCP Security Command Center).
• Strong scripting skills in Python, Bash, or PowerShell for automation and tool integration.
• Ability to develop and enforce security guardrails, policies, and standards in automated and scalable ways.
• In-depth understanding of OWASP, CWE, CVE scoring, and secure SDLC methodologies.
• Solid understanding of emerging threats and vulnerabilities
• Fluency in English
• Client-first mentality
• Intense work ethic
• Collaborative spirit and problem-solving approach

How you'll grow:

• Cross-functional skills development & custom learning pathways
• Milestone training programs aligned to career progression opportunities
• Internal mobility paths that empower growth via s-curves, individual contribution and role expansions

Perks & Benefits:
At ZS, your growth matters. We offer a comprehensive total rewards package that supports your health and well-being, financial future, time away, and professional development. With robust skills-building programs, multiple career progression paths, internal mobility, and a deeply collaborative culture, you'll have the opportunity to do meaningful work, expand your capabilities, and thrive as part of a global community. For details on total rewards in India , visit ZS India office locations | Where we work | ZS .
Hybrid working model:
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Travel:
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.
Considering applying?
At ZS, we honor the visible and invisible elements of our identities, personal experiences, and belief systems-the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities, and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives, and experiences. Learn more about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive.
If you're eager to grow, contribute, and bring your unique self to our work, we encourage you to apply.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To complete your application:
Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com