Posted Jul 12, 2026

AVP, Application Security Dynamic Analyst

Apply for this role →
About the position AVP, Application Security Dynamic Analyst will be responsible for the development and implementation of effective security controls pertaining to information systems. A significant part of this role's focus is to ensure successful execution of Dynamic Application Security Testing (DAST) and web application security assessments on custom-coded applications and API's, review security findings with application teams, and support remediation tracking. Responsibilities • Execute DAST and web application security assessments for custom-developed internal and external-facing applications including web applications, web services, and API's, utilizing enterprise DAST platforms and tooling. • Partner with developers to perform False Positive Analysis and audit/triage of findings to ensure true positives are identified and addressed. • Validate remediation of DAST, web application, and API security assessment findings. • Configure, analyze, and troubleshoot DAST scans, scanner traffic/logs, and ensure high fidelity results for successful execution of DAST scans. • Manage API security platform configuration, detections, and events. • Consistently enforce application security requirements as defined in applicable Standards, Procedures, and Job Aids, identifying and escalating instances of non-compliance. • Operate in an Agile development environment, understanding tools, concepts, and methodologies. • Contribute towards maturing application security processes, standards, and guidelines. • Create and enhance internal documentation, e.g. job aids and run books. • Support the collection of data and documentation in support of examinations/audits. Requirements • Bachelor's degree and a minimum 3 years of work experience in IT OR in lieu of a degree, a High School Diploma/GED and minimum 5 years work experience. • In-depth knowledge and experience in Dynamic Application Security Testing (DAST) and manual web application assessments. • Knowledge and understanding of common security vulnerabilities and weaknesses, including OWASP Top 10 (web and API). • Hands-on experience with any of the following application security assessments tools: OpenText WebInspect and WebInspect Enterprise, Burp Suite Professional, or other commonly used DAST enterprise tools. • Hands-on experience with any of the following API security platforms: Traceable, Noname, Salt Security. Nice-to-haves • Industry certifications such as CISSP, CSSLP, GWAPT, Security+, or C|EH are a plus. • 3 or more years with Secure coding practices/System Integration. • Financial services industry experience. • Excellent written and verbal communication skills along with the proven ability to present complex, technical information to both technical and non-technical audiences. • Awareness of the latest cybersecurity trends and developments. • Equivalent work experience and a proven track record in the field of Software Development and/or Information security. Benefits • Annual bonus based on individual and company performance. • Salary range of 100,000.00 - 170,000.00 USD Annual. • Salaries adjusted according to market in CA, NY Metro and Seattle.