Senior Application Security Analyst

Senior Application Security Analyst

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Global Relay

At a Glance

  • Tasks: Lead advanced application security testing and mentor a team of analysts.
  • Company: Global Relay, a leader in enterprise information archiving with a focus on innovation.
  • Benefits: Competitive salary, mentoring, diverse culture, and opportunities for career growth.
  • Other info: Join a dynamic team that values creativity and collaboration.
  • Why this job: Make a real impact in security while working with cutting-edge technologies.
  • Qualifications: 5-8 years in application security testing and strong technical skills.

The predicted salary is between 60000 - 80000 £ per year.

Who we are

For over 25 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, e Discovery, and analytics solutions.

We securely capture and preserve the communications data of the world’s most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations.

Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company.

Global Relay is a career-building company.

A place for big ideas.

New challenges.

Groundbreaking innovation.

It’s a place where you can genuinely make an impact – and be recognized for it.

We believe great businesses thrive on diversity, inclusion, and the contributions of all employees.

To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.

Job Purpose

The Senior Application Security Specialist is a senior technical role leading advanced application security testing, complex vulnerability analysis and threat modelling across the Application & Product Security function.

You will provide technical leadership, mentor analysts and specialists, act as a security point of contact for engineering, and contribute to security strategy and standards.

Scope & Autonomy

Leads testing workstreams and sets the technical approach for complex assessments; acts as an escalation point for L1/L2 and a security partner to engineering.

Duties and Responsibilities

  • Lead advanced security testing of critical applications and services, including deep-dive manual testing and targeted penetration tests across web, mobile and API surfaces.
  • Own threat modelling using structured frameworks (STRIDE, PASTA), producing threat models for new features and architecture changes.
  • Support and engage in the penetration testing programme.
  • Design security test strategies for new products and major changes.
  • Act as subject-matter expert and primary point of contact between engineering and the Application Security team.
  • Provide oversight of scanning-tool usage and KPIs in the CI/CD pipeline.
  • Own the overarching triage, escalation and evidence-quality framework across all scanning tools and testing streams, resolving the most complex or contested findings and setting the standard L1/L2 analysts and specialists are mentored against.
  • Track and report key security testing metrics (e. g. time-to-remediate, recurring defect patterns) to senior stakeholders.
  • Build and maintain advanced test cases, automation frameworks and custom tooling to improve coverage and efficiency.
  • Own the security release process, including remediation verification and closure standards.
  • Mentor and coach analysts and specialists; provide training material, playbooks and quality review of finding reports.
  • Act as an escalation point for L1/L2 security analysts.
  • Provide expert-level root-cause analysis and remediation guidance for the most complex or systemic security defects and set remediation standards developers and L1/L2 analysts follow across the programme.
  • Develop and maintain process documentation and testing standards.

Qualifications

  • 5–8 years' hands-on experience in application security testing.
  • Advanced knowledge of internet and network technologies.
  • Expert understanding of web and API technologies and common vulnerabilities (OWASP Top 10, API/LLM Top 10, Mobile Top 10).
  • Advanced mobile security testing (Android/i OS) — reverse engineering, runtime manipulation, Frida scripting, Objection.
  • Advanced knowledge of container orchestration and Kubernetes security, including cluster hardening, RBAC and workload isolation.
  • Advanced AI/LLM security assessment.
  • Expert understanding of security controls (access control, encryption, logging/monitoring, secure configuration) and how to assess their effectiveness at scale.
  • Strong offensive security skillset — manual web and API testing, authentication/authorisation bypass, session management, business-logic abuse and data-protection testing.
  • Advanced knowledge of threat remediation techniques specific to the programming languages in use at Global Relay.
  • Strong awareness of advanced persistent threats (APTs), threat actor tactics (e. g.

MITRE ATT&CK) and emerging vulnerability classes, and ability to apply this awareness to test strategy design.

  • Ability to build and own automation: scripting test cases (Python, Bash), integrating with Test Rail and Jira, building automated Burp Suite Pro scanning workflows in CI/CD, and working knowledge of supporting tools such as Postman and Sonar Qube.
  • Excellent communication skills; ability to influence technical and non-technical stakeholders.
  • Recognised advanced certifications preferred (e. g. OSCP, OSWE).

Global Relay is unable to offer visa sponsorship for this position. Candidates must have the right to work in the UK at the time of application.

What you can expect

At Global Relay, there’s no ceiling to what you can achieve.

It’s the land of opportunity for the energetic, the intelligent, the driven.

You’ll receive the mentoring, coaching, and support you need to reach your career goals.

You’ll be part of a culture that breeds creativity and rewards perseverance and hard work.

And you’ll be working alongside smart, talented individuals from diverse backgrounds, with complementary knowledge and skills.

Global Relay is an equal-opportunity employer committed to diversity, equity, and inclusion.

We seek to ensure reasonable adjustments, accommodations, and personal time are tailored to meet the unique needs of every individual.

To learn more about our business, culture, and community involvement, visit www. globalrelay. com.

#J-18808-Ljbffr

Global Relay

Contact Details:

Global Relay Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Application Security Analyst

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Global Relay, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Global Relay

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Global Relay. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Senior Application Security Analyst

Application Security Testing
Vulnerability Analysis
Threat Modelling
Penetration Testing
Web Technologies
API Security
Mobile Security Testing

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Global Relay insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Global Relay that you’re committed to staying ahead in the game.

How to prepare for a job interview at Global Relay

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Global Relay to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Global Relay.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.