- Company Name: B&H Photo Video
- Job Title: Application Security Analyst
- Job Description:
Role Summary
A professional who safeguards application security across the software development life cycle by implementing secure coding practices, conducting risk‑based vulnerability assessments, and steering remediation efforts in collaboration with development, operations, and business stakeholders.
Expectations
- Ensure all applications are designed, built, tested, and deployed in accordance with industry security best practices.
- Provide expert guidance on secure development, threat modeling, and risk mitigation throughout projects.
- Act as a security liaison between technical teams and non‑technical stakeholders, translating complex security findings into actionable business decisions.
Key Responsibilities
- Influence and coach development teams on application security, secure coding standards, and threat‑modeling activities.
- Evaluate, deploy, and manage security tooling: static and dynamic analysis, SAST/DAST, dependency scanning, web/JavaScript security checks, and application firewalls.
- Collaborate with developers to remediate vulnerabilities, applying risk‑based prioritization.
- Recreate attack vectors to demonstrate threat impact and validate fixes.
- Author and maintain secure coding requirements, policies, and procedures.
- Stay current with emerging application security threats, OWASP Top 10, SANS Top 25, and cloud/AI security trends.
- Contribute to incident response, breach investigations, and post‑mortem analyses.
- Recommend new security controls, tools, and processes for continuous improvement.
- Develop and report on Application Security metrics and program effectiveness.
Required Skills
- 2–5 years of enterprise coding experience, preferably in DevOps/DevSecOps environments.
- Hands‑on knowledge of OWASP Top 10, SANS Top 25, and common web application threat vectors.
- Proficiency in static/dynamic scanning tools, dependency analysis, and application firewalls.
- Strong analytical skills for risk‑based vulnerability assessment and remediation strategy.
- Excellent written and verbal communication, capable of explaining technical security concepts to both technical and non‑technical audiences.
- Understanding of cloud security principles and AI security fundamentals (desirable).
- Familiarity with risk assessment frameworks and methodologies.
Required Education & Certifications
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- Industry security certifications such as CSSLP or CISSP strongly preferred.
- Additional certifications in cloud security (e.g., AWS Security Specialty, Azure Security Engineer) and AI security are advantageous.
New York City, United States
On site
Junior
03-12-2025