Job Overview:
The Application Security Engineer - Americas is a vital role within the Americas Cybersecurity team, responsible for overseeing and advancing the application security program. This position involves collaborating with development teams to integrate security into the software development lifecycle (SDLC), leading secure code reviews, and managing vulnerability assessments. The ideal candidate will have deep expertise in application security, a strong technical background, and leadership capabilities to drive secure software development practices across the organization.
Key Responsibilities:
- Application Security Leadership: Lead and enhance the application security program for the Americas, ensuring alignment with global security strategies and compliance with regulatory requirements
- Secure Software Development: Collaborate with development and engineering teams to embed security practices into the SDLC, including secure coding guidelines, code reviews, and threat modeling
- Vulnerability Management: Oversee the identification, assessment, and remediation of application vulnerabilities. Manage tools and processes for vulnerability scanning, penetration testing, and secure code analysis
- Security Standards and Best Practices: Establish and enforce application security standards and best practices, ensuring that all applications are designed and implemented securely
- Collaboration with Cross-Functional Teams: Work closely with product managers, architects, and engineers to ensure that security requirements are understood and implemented effectively across all projects
- Security Tooling and Automation: Lead the adoption and integration of security tools and automation processes to streamline application security testing and monitoring
- Training and Awareness: Develop and deliver training programs to raise awareness of application security among developers and other stakeholders
- Incident Response: Support the incident response process by providing expertise in application security and helping to investigate and remediate security incidents
- Continuous Improvement: Drive continuous improvement initiatives to enhance the efficiency and effectiveness of the application security program
Requirements
Job Requirements
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field
- Minimum of 5 years of experience in application security, secure software development, or a related area
- Strong understanding of application security principles, frameworks, and standards, including OWASP, SANS, and NIST
- Proven experience with secure coding practices, code review methodologies, and vulnerability management tools
- Excellent problem-solving and analytical skills, with a focus on identifying and mitigating security risks
- Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams
Preferred Qualifications:
- Relevant certifications such as CSSLP, CEH, or equivalent
- Experience with DevSecOps practices and tools
- Knowledge of cloud security, particularly in AWS, Azure, or GCP environments
- Familiarity with financial technology (fintech) regulations and standards