JobMesh

IT Application Security Analyst

Scandinavian Tobacco Group · Bethlehem, Pennsylvania, US


Job description

ABOUT THE ROLE…:

The IT Application Security Analyst plays a key role in embedding security by design across the enterprise software development lifecycle (SDLC). This position partners closely with development, DevOps, QA, and IT Operations teams to integrate secure development frameworks, tooling, and practices that strengthen the security, resilience, and compliance of STG’s applications and platforms. The role focuses on advancing application security maturity by aligning development practices with industry standards such as NIST SSDF and OWASP ASVS, while enabling teams to deliver software securely and efficiently.

WHAT WILL YOU BE RESPONSIBLE FOR?:

Secure SDLC & Governance:

- Assess and continuously improve SDLC processes, tools, and release workflows from a security perspective.
- Perform gap analyses against secure‑development frameworks including NIST SSDF and OWASP ASVS.
- Define, maintain, and evolve secure development standards and procedures aligned with regulatory requirements such as PCI DSS and CCPA/GDPR.
- Partner with engineering teams to recommend and implement practical security improvements across the SDLC.

Application Security Enablement:

- Embed security c...