Application Security Analyst

Job Description

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably. Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions. Supports and consults the project teams (in development, engineering or service) to implement the required product & solution security (software and hardware). * Supports and consults the project leaders in implementing the required product & solution security (software and hardware). * Supports project teams in conducting the corresponding security activities during the development process, project management process and / or services. * Can support multiple projects at the same time and should occupy the function for the main part of is defined working time. * Reports to the Project / Functional Lead and the Product & Solution Security Officer. * Needs to be specialized in at least one of six different areas: Secure Architecture & Design, Secure Implementation, Security Testing, Secure Project Integration, Secure Manufacturing or Secure Services . Key Responsibilities: Assist in Threat Modeling to identify and mitigate security risks in application architectures. Conduct Risk Assessments to evaluate potential vulnerabilities and threats. Support Software Bill of Materials (SBOM) creation and management for software transparency. Perform Software Composition Analysis (SCA) to detect open-source vulnerabilities and licensing risks. Assist in Vulnerability Assessments and help track remediation efforts. Collaborate with development teams to integrate security best practices into SDLC. Contribute to security documentation, compliance reports, and policy development. Requirements: Basic understanding of application security concepts and secure development practices. Familiarity with cybersecurity frameworks, OWASP Top 10, and threat modeling methodologies. Knowledge of security tools related to SCA, SBOM, and vulnerability scanning is a plus. Strong analytical and problem-solving skills with attention to detail. Good communication and documentation skills.