Application Security Product Analyst

<div class="content-intro"><p class="x_MsoNormal FluidPluginCopy"><span class="ContentPasted0">Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the <a href="https://www.wiz.io/blog/100m-arr-in-18-months-wiz-becomes-the-fastest-growing-software-company-ever" target="_blank">fastest-growing startup ever,</a> </span><span class="ContentPasted0">Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven<span class="ContentPasted0"> </span><a class="ContentPasted0" href="https://www.g2.com/products/wiz-wiz/reviews" target="_blank" data-auth="NotApplicable" data-safelink="true" data-linkindex="1">track record of success</a><span class="ContentPasted0"> </span>and a culture that values world-class talent. </span></p> <p class="x_MsoNormal FluidPluginCopy"><span class="ContentPasted0">Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 50% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re the leading player in a massive and growing market, but it’s still early enough for you to make a significant impact. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster. </span></p></div><p><strong>SUMMARY</strong></p> <p>We're looking for a <strong>Application Security Product Analyst</strong> to join our Product team and spread the power of Wiz. In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent. You will bridge the gap between automated AI testing and security policy, defining the "rules of engagement" for our agents and ensuring they effectively simulate sophisticated attacks while maintaining operational safety.</p> <p><strong>WHAT YOU’LL DO</strong></p> <ul> <li>Oversee the daily deployment, health, and operation of DAST and penetration testing capabilities to ensure optimal scanning across diverse customer environments.</li> <li>Develop and maintain attack policies and rules by creating and fine-tuning the logic that defines how the system identifies, prioritizes, and exploits vulnerabilities.</li> <li>Analyze and validate findings by reviewing complex attack paths to reduce false positives and improve the core logic's performance.</li> <li>Research novel attack vectors and emerging web/API threats to translate new techniques into executable behaviors for the DAST engine.</li> <li>Collaborate on product evolution with RD and Product teams, using operational insights to drive feature requests and continuous improvement.</li> </ul> <p><strong>WHAT YOU’LL BRING</strong></p> <ul> <li>Over 2 years of DAST and penetration testing expertise, including hands-on experience in application security or operating enterprise tools like Burp Suite, OWASP ZAP, or Acunetix.</li> <li>Proven ability in security rule and policy development, specifically in writing custom scripts or signatures to translate vulnerability classes into detection rules.</li> <li>Technical proficiency in web protocols and API standards, with a strong command of HTTP/S, REST, GraphQL, and authentication mechanisms like OAuth and SAML.</li> <li>Proficiency in scripting languages such as Python, Go, or JavaScript to automate tasks and interact with the codebase.</li> <li>An analytical mindset with the ability to diagnose complex logs and scans to distinguish between tool failures, configuration issues, and valid security findings.</li> </ul> <p><strong>BONUS POINTS</strong></p> <ul> <li>Knowledge of AI/ML and how LLMs or reinforcement learning agents operate within a cybersecurity context.</li> <li>SaaS and cloud experience with familiarity ... (truncated, view full listing at source)