Application Security Analyst

Why Choose Bottomline?

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation - we want you on our team!

Job Summary

As an Application Security Analyst, you will play a key role in maintaining our exceptionally high application security standards, established to protect Bottomline’s products and services. This role reports to the Head of Product Security and is responsible for supporting Product teams in our on-going work to identify, assess and mitigate security risks associated with application development and deployment.

Essential Functions and Responsibilities

Execute application scanning operations across Web, API, and service-based applications (SAST, DAST, SCA), ensuring consistent and robust coverage across our products and services.

Support our penetration testing programme by preparing test inputs, coordinating execution activities

Operate and maintain application security tools, including configuration and tuning.

Triage, validate, and enrich findings from code scanning and penetration testing outputs, ensuring high-quality, actionable results

Collaborate with Development teams to communicate and quantify risks clearly, provide remediation and disposition guidance, and promote secure coding practices

Track and report on remediation progress to ensure visibility and alignment with defined risk priorities

Required Experience & Qualifications

1-3 years of experience in Application Security

Bachelor’s degree in Computer Science, Information Security, or a related field.

Proven experience in application security, penetration testing and application vulnerability assessments.

Strong understanding of secure coding practices, software development lifecycle (SDLC) and application security frameworks.

Knowledge of security tools and technologies such as OWASP, SAST, DAST and SCA

Excellent problem-solving skills and attention to detail

Strong communication and collaboration skills to work effectively with cross-functional teams.

Preferred Experience & Qualifications

Cyber certifications (e.g., CISM, CISSP, CEH, GSEC, CASP+, CEH) or equivalent

Note: This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the position

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.