Web Application Security Analyst III

Full Time
Oklahoma City, Oklahoma
report a problem

Paycom is growing at a phenomenal rate and we are looking for friendly, smart, driven, focused, energetic, passionate and successful individuals to join our team. Paycom offers world-class training and advancement opportunities. When you work at Paycom, you’re working for the best.
Every day at Paycom is exciting as we grow closer to our goal of nationwide expansion and industry domination.

Responsible for information security policy development and maintenance within the Paycom software development lifecycle; design of security policy education, training, and awareness activities; monitoring compliance with security policy and applicable law; and coordinating investigation and reporting of security incidents. Primarily responsible for web application security assessments and code review as part of the software development lifecycle. Works with Application Support, Software Development and Quality Assurance to perform web application pen tests, automated vulnerability assessment scans, risk assessments, and code reviews.



  • Monitors information security news for emerging threats and technologies that could have an impact on the security of Paycom’s processes, systems, and applications.
  • Coordinates and executes information security projects.
  • Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
  • Protects organization's value by keeping information confidential.
  • Performs web application security assessments, vulnerability scanning and testing.
  • Documents and reports on specific duties, activities, problems solved and issues resolved.
  • Assists in the development of benchmarks and sets specific goals for the evolution of the security of Paycom’s systems, processes, and applications.
  • Perform and develop security focused training for Paycom’s development team.
  • Actively seeks to expand individual skills through research, training, and collaboration with peers.
  • Attends meetings and serves on committees, as requested.
  • Work flexible hours, including weekends and evenings
  • Availability to respond to emergency situations
  • Performs additional duties and assignments as requested.
  • Bachelor’s Degree in Computer Science, Engineering or related Field
  • Industry Certification (GCIH, GWAPT, GWEB, GPEN, CISSP, GSE etc.) highly preferred


Experience Required:

5+ years of software development or application security testing experience


  • Ability to perform targeted application penetration tests without use of automated tools
  • Expert level understanding of OWASP and other software security best practices
  • Knowledge of application reverse engineering techniques and procedures
  • Experience with application layer assessment tools, such as local proxies and fuzzers
  • Experience with threat modeling and security design review methodologies
  • Significant experience with penetration testing against a wide variety of application layer platforms, including web, mobile, and thick client above and beyond running automated tools
  • A strong understanding of Unix, Windows and network security skills
  • Highly responsive with an ability to handle escalations quickly and professionally
  • Strong verbal and written communication skills
  • Ability to deliver reporting on and providing fixes to identified vulnerabilities at the code level (developer friendly)
  • Interpret and apply laws, regulations and policies
  • Work for extended time at keyboard/terminal
  • Maintain effective working relationships with supervisor and coworkers


Paycom provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, pregnancy, military and veteran status, age, physical and mental disability, genetic characteristics, or any other considerations made unlawful by applicable state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Paycom expressly prohibits any form of workplace harassment based on race, color, religion, sex, national origin, pregnancy, military and veteran status, age, physical and mental disability, or genetic characteristics.

Share this job:


It's All About Your PEOPLE
Paycom (NYSE:PAYC) helps employers streamline their payroll and HR processes with the latest cloud-based human capital management technology. We innovated payroll services over the Internet and for over a decade, our Software-as-a-Service (SaaS) solution has helped to free companies from the constraints of traditional software. In addition to payroll processing we offer a complete suite of human capital management tools that includes time and attendance, HRIS, talent acquisition, HR management and talent management all in one online application.

Paycom is growing at a phenomenal pace by providing cutting-edge technology and personal payroll expertise at a lower cost. As one of the largest and fastest-growing human capital management providers, Paycom serves clients in all 50 states from 42 sales teams across the country.

Payroll Processing, HR, Human Resources, Tax Credits, HRIS, Benefits Administration, Software-as-a-Service, SaaS, Time and Attendance, Talent Acquisition, HR Management, Talent Management
Visit Paycom's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 1,001-5000