Security Engineer, Application
6 days ago
As a Security Engineer, Application you will be responsible for developing and growing a risk-based Application Security program to reduce operational risk through secure development practices and advance Hagerty's overall cyber security program. You must like work in multi-disciplined team and with other sharp engineers in a success-oriented, fast-paced, and dynamic environment. In this role you will provide expert technical guidance and hands-on validation of security controls in all areas of the secure software development life cycle (SSDLC) and service-oriented architecture through the modeling, planning, deployment, and use of world-class application security solutions.
Ready to get in the driver's seat? Join us
What you'll do
Design, deploy, and maintain a wide range of security controls. Collaborate with engineers, consultants, and leadership to address security risks and provide mitigation recommendations within the Secure Software Development Life Cycle (SSDLC). Lead the creation of secure coding practices and standards. Perform security architecture and design reviews of all systems and applications developed by Hagerty teams. Perform validation of security controls to ensure adherence with compliance and industry best practices. Determine the impact and provide guidance on emerging programming methods, technologies, and industry trends as they apply to Hagerty's security posture. Understand, communicate, and balance business risk with security risk. Ability to understand business requirements and apply security controls without adversely affecting the desired functionality. High level of personal integrity, with the ability to professionally handle confidential matters, and reflect appropriate level of judgment as it pertains to security. Communicate with engineers, consultants, and leadership to coordinate and deliver security objectives. Determine gaps in cyber security tooling and work with engineering teams to get needed tools deployed and maintained. For example, SAST / DAST tools. Participate in the on-call rotation.This might describe you
Bachelor s degree in Computer Science, Information Security/Cyber Security or equivalent. 3+ years' experience in information security. 2+ years' experience working within software development. Excellent written and oral communication skills and interpersonal skills including the ability to articulate to technical and non-technical audiences. Firm understanding of enterprise class application architectures that are highly scalable, reliable, and the ability to secure them. Experience of security architecture and design reviews. Experience with multiple languages such as .NET, Python, and Java etc. and understand how to detect and remedy related security issues such as OWASP Top 10. Deep technical understanding of how cyber-attacks are carried out and how they can be disrupted. Ability to work independently with minimal direction; self-starter/self-motivated.Desired Experience
Excellent analytical, evaluative, and problem-solving abilities. Experience with securing host, database, and application solutions for multi-tier systems. Experience with AWS and serverless software technologies. Experience with Agile and project management tools like Azure DevOps. Experience with DevOps pipelines and deployment processes. Technical certifications within information security are a plus (CISSP, CCSP, GIAC or equivalents).Other things to note
This position can be worked as remote position within the United States.
Familiarity with public company requirements, including Sarbanes Oxley and key regulations, if applicable. For SOX compliant roles, responsible for designing, executing, and documenting internal controls where they have been identified as owners to prevent errors in financial reporting, processes, and business operations. Including attestation to the completeness, accuracy, and compliance of all financial reporting data, where applicable.
-
Senior Application Security Engineer
1 day ago
united states Lorven Technologies Full timeRole: Senior Application Security Engineer Location: Remote role Duration: Long Term Contract Job Description: Our team is looking for a Senior Application Security Engineer with extensive product security experience and deep expertise in web security, applied cryptography, software security vulnerabilities, IAM solutions, including federation, and...
-
Sr. Application Security Engineer
22 hours ago
united states Prosper Full timeWe are seeking a Sr. Application Security Engineer to join our security team. In this role, you will be a critical partner to engineering, product, and DevOps teams, helping to identify, assess, and mitigate security risks across the software development lifecycle (SDLC). You will drive security by design, shape our product security standards, and ensure...
-
Application Engineer, Cyber Security
1 day ago
united states Inmar Intelligence Full timeThe Application Engineer, Cyber Security is responsible for building, managing and supporting information security that underpins all internal and external user technology services, according to security policies and best practices.The Application Engineer, Cyber Security has strong development experience in numerous programming languages and is the subject...
-
Senior QA Engineer, Secure Remote Access Testing
2 weeks ago
, , United States Keeper Security Full timeWe are seeking a highly motivated and experienced Senior QA Engineer to join our Keeper Connection Manager (KCM) team.. This is a 100% remote position, with the opportunity to work a hybrid schedule for candidates based in the El Dorado Hills, CA or Chicago, IL metro area. Keeper’s cybersecurity software is trusted by millions of people and thousands of...
-
, , United States Keeper Security Full timeWe are seeking a highly motivated and experienced Senior QA Engineer to join our Keeper Connection Manager (KCM) team.. This is a 100% remote position, with the opportunity to work a hybrid schedule for candidates based in the El Dorado Hills, CA or Chicago, IL metro area. Keeper’s cybersecurity software is trusted by millions of people and thousands of...
-
Senior Application Security Engineer
23 hours ago
, , United States Confluent Full timeWith Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the...
-
Senior Application Security Engineer
1 day ago
, , United States Confluent Full timeWith Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the...
-
Senior Application Security Engineer
1 day ago
, , United States Confluent Full timeWith Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the...
-
Senior Application Security Engineer
1 day ago
, , United States Confluent Full timeWith Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the...
-
Senior Application Security Engineer
17 hours ago
, , United States Confluent Full timeWith Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the...
