Job Description

Description & Requirements
Position Summary:
The Web Application Security Analyst/Engineer is responsible for ensuring the security of enterprise web applications and related cloud environments. This role focuses on identifying, analyzing, and mitigating security vulnerabilities across applications, APIs, and infrastructure through both manual and automated testing, while supporting secure development practices across the SDLC. Leverage AI/ML technologies across threat detection, vulnerability assessment, secure coding, WAF management, and cloud security operations to automate analysis, accelerate remediation, and enhance overall security posture.
The ideal candidate will have strong hands-on experience with Burp Suite, Web Application Firewalls (preferably Cloudflare), and application security testing methodologies (DAST, SAST, and SCA). Experience in penetration testing, AWS security, and a deep understanding of the OWASP Top 10 are highly desirable.
Key Responsibilities:

• Perform comprehensive web application vulnerability assessments using Burp Suite, DAST, SAST, and SCA tools.

• Manage and tune Web Application Firewalls (WAF) - preferably Cloudflare - to detect, prevent, and mitigate web-based attacks.

• Collaborate with development and DevOps teams to integrate security testing into CI/CD pipelines and ensure secure coding practices.

• Review code and configurations for vulnerabilities and recommend effective remediation strategies.

• Conduct threat modeling and security reviews for new and existing web applications.

• Provide expert guidance on addressing findings aligned with OWASP Top 10 risks and other relevant frameworks.

• Perform periodic penetration testing of web applications and APIs to identify real world attack vectors.

• Support vulnerability management and tracking through resolution, partnering closely with engineering and IT teams.

• Assist in the design and maintenance of secure architectures for AWS-hosted applications and services.

• Develop and deliver security awareness training specific to web application security for developers and engineers.

Qualifications & Experience:
Required:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.

• 3-5 years of experience in web application security or a related cybersecurity role. o Strong hands-on experience with:

o Burp Suite (Professional or Enterprise)
o Web Application Firewalls (preferably Cloudflare)
o DAST, SAST, and SCA tools (e.g., OWASP ZAP, Veracode, Checkmarx, SonarQube, Snyk, etc.)
o Terraform for secure cloud infrastructure deployment

• Solid understanding of OWASP Top 10, secure SDLC, and common web vulnerabilities (XSS, SQLi, CSRF, etc.).

• Familiarity with AWS cloud security concepts, IAM policies, and application deployment in cloud environments.

Preferred / Added Advantage:

• Experience performing manual penetration testing and vulnerability exploitation.

• Experience with automation or scripting languages (Python, Bash, or PowerShell) for security testing or integration.

• Good to have relevant certifications such as GWAPT, OSWE, OSCP, or CEH.

Soft Skills:

• Strong analytical and problem-solving abilities.

• Excellent communication and collaboration skills, with the ability to explain complex security concepts to technical and non-technical audiences.

• Detail-oriented, proactive, and capable of working independently in a fast-paced environment.

About Infor
Infor is where ambition meets impact. Join a global community of bold thinkers and innovators, where your expertise doesn't just solve problems. it shapes industries, unlocks opportunities, and creates real-world impact for billions of people. At Infor, you're not just building a career. you're helping to build what's next.
Infor is a global leader in business cloud software products for companies in industry specific markets. Infor builds complete industry suites in the cloud and efficiently deploys technology that puts the user experience first, leverages data science, and integrates easily into existing systems. Over 60,000 organizations worldwide rely on Infor to help overcome market disruptions and achieve business-wide digital transformation.
For more information visit
Our Values
At Infor, we strive for an environment that is founded on a business philosophy called (TM) (PBM(TM)) and eight Guiding Principles: integrity, stewardship & compliance, transformation, principled entrepreneurship, knowledge, humility, respect, self-actualization.
We have a relentless commitment to a culture based on PBM(TM). Informed by the principles that allow a free and open society to flourish, PBM(TM) prepares individuals to innovate, improve, and transform while fostering a healthy, growing organization that creates long-term value for its clients and supporters and fulfillment for its employees.
Infor is an Equal Opportunity Employer. We are committed to creating a diverse and inclusive work environment. Infor does not discriminate against candidates or employees because of their sex, race, gender identity, disability, age, sexual orientation, religion, national origin, veteran status, or any other protected status under the law. If you require accommodation or assistance at any time during the application or selection processes, please submit a request by following the directions located in the .
Fraud Awareness
We have been made aware of unauthorized individuals posing as Infor recruiters, including some who have made fraudulent offers of employment. Please read our and protect yourself from recruitment scams.
Fraud Privacy Policy
We value your privacy at Infor. You may access our privacy policy .

Skills Required