Senior Application Security Testing Engineer

12 Nov 2024

Vacancy expired!

Business Title: 185576 | Senior Application Security Testing Engineer

Location: Morrisville, NC 27560

Job Type: Direct hire/FTE

Job Description:
  • Enterprise & Security Services (ESS) brings services that are currently spread across the organization together to provide security services across all functions.
  • This function partners closely with IT Risk to support the Bank in protecting, detecting, and thwarting any security threats, managing compliance regulation, and preventing data breaches.
  • Data Protection and Application Security (DPAS) organization within ESS is responsible for the design and delivery of the key technical capabilities, products and services related to information security.
  • This includes Public Key Infrastructure, Data Leakage Prevention, Information Rights Management, Application Security, Authentication and Federation.
  • We operate in four locations currently: UK, Switzerland, Poland, and India providing products and services globally to Client, and we significantly increase our presence in Pune, India in order to provide both commoditized and newly developed services to our internal customers globally.

As the AST Engineer, responsibilities are as follows:
  • Develop and enhance the Application Security Testing (AST) service within the DPAS team, part of ESS.
  • Designing of end-to-end processes, implement and roll-out AST solutions and services (e.g., security controls within the CI/CD pipeline).
  • This includes integration with other products/process/services, preparing workflows, automations, defining requirements for implementation and operational teams, and the creation and maintenance of AST documentation.
  • To engage as the Subject Matter Specialist with divisional partners and application development teams to address technical integration issues and vulnerability remediation.
  • Develop creation of security training and enablement throughout the organization.
  • Development, integration and enhancement of application security metrics and reporting.
  • Open to flexible/agile working.

Your future colleagues:
  • The AST Engineer role will have an opportunity to help shape the security future of Client as part of this transformation by driving design, delivery and rollout of new solutions and products to help mitigate application threats and vulnerabilities.
  • We are a department which values Diversity and Inclusion (D&I) and is committed to realizing the firm's D&I ambition which is an integral part of our global cultural values

Qualifications:
  • We are looking for an applicant who possess a bachelor’s degree in Computer Sciences, Information Technology, or related subject; alternatively, an equivalent education or experience in one of these topics.

List of skills encouraged in an applicant:
  • A proven track record of overall 5+ years of relevant experience in Application Security Testing, Application Development, or Information Security.
  • Professional understanding of IT security, application security technologies, and threat modeling concepts.
  • Detailed understanding and proven experience with common security libraries, security controls, security flaws and remediation planning / delivery.
  • Hands on experience with AST solutions (SAST, IAST, DAST) and vulnerability analysis.
  • Equivalent experience with implementing security controls in the CI/CD pipeline.
  • Development experience in one or more languages (Java, .Net, etc.) in a production environment.
  • Strong communication skills and the ability to collaborate with development and project teams, and senior business partners.
  • Experience in working in international environments, preferably in financial industry.
Dedication to fostering an inclusive culture and value diverse perspectives

  • ID: #22604881
  • State: North Carolina Morrisville 27560 Morrisville USA
  • City: Morrisville
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2021-11-12
  • Deadline: 2021-12-27
  • Category: Et cetera