Application Security Engineer

At Enact Mortgage Insurance (Nasdaq: ACT), we understand that there is no place like home. That is why we bring our deep expertise, insightful offerings, and extra mile service to work every day to help lenders put more people in homes and keep them there.

We are seeking an Application Security Engineer in Raleigh, NC to join our team. In this role, you will enhance our technical security vulnerability management processes, focusing on identifying, triaging, and addressing code, configuration, and patch-related vulnerabilities within our application delivery pipelines and production environments, both on-premises and in the cloud. Join us to advance our mission with a commitment to excellence, continuous improvement, and strong connections.

LOCATION

Enact Headquarters, Raleigh, NC - Hybrid Schedule

YOUR RESPONSIBILITIES

• Deploy and Operationalize Application Security Tools: Implement and manage a suite of application security tools such as SAST, DAST, and SCA, ensuring their seamless integration into the development pipeline.

• Educate Application Delivery Team: Conduct training sessions and workshops to educate the application delivery team on secure coding practices, emphasizing the OWASP Top 10 for web apps and APIs, as well as the OWASP Cheat Sheet Series.

• Support Transition to the Cloud: Define security requirements and evaluate design proposals to support the organization's cloud native approach to refactoring and re-platforming business critical web services in cloud, ensuring all cloud-based applications and services meet security standards.

• Mentor Junior AppSec Engineer: Provide guidance and mentorship to a junior application security engineer, helping them develop their skills and grow within the organization.

• Influence Requirements Analysis and Design: Participate in requirements analysis and design phases of new projects to ensure secure software delivery standards are integrated from the outset.

• Address Security Issues: Identify, assess, and remediate security issues in applications and systems, ensuring vulnerabilities are resolved promptly and effectively.

• Mediation Between Teams: Function as a mediator between the application delivery and security teams, ensuring clear communication and collaboration on application security matters.

• Coordinate Penetration Tests: Coordinate and oversee web services penetration tests to identify vulnerabilities and ensure the security of applications.

YOUR QUALIFICATIONS

• Bachelor's degree in computer science or equivalent and relevant industry experience.

• Current or former software engineer with experience delivering business-critical web services, including application programming interfaces (APIs).

• Practical experience working with scripting languages or popular web framework.

• Strong grasp of the OWASP Top 10 for web apps and APIs, as well as the OWASP Cheat Sheet Series.

• Experience with static application security testing (SAST) and dynamic application security testing (DAST).

• Experience conducting secure code reviews for critical aspects of web services to ensure robust security and compliance.

• Proven ability to influence requirements analysis and design, and address security deficiencies effectively.

• Strong ability to educate software engineers in secure coding practices.

• Proven ability to mediate between application delivery and security teams.

• Experience mentoring junior engineers.

• Effective communication and collaboration skills.

PREFERRED QUALIFICATIONS

• Experience conducting or coordinating web services penetration tests.

• Experience in securing serverless, containerized, and event driven environments.

• Experience securing CI/CD pipelines.

• Experience supporting industry leading web application firewalls through the creation of custom rules to filter and mitigate current and emerging threats.

COMPANY

Enact is a leading publicly traded U.S. private mortgage insurance provider, offering borrower-centric products that enable lenders and other partners across the U.S. to help people responsibly achieve and maintain the dream of homeownership.

By empowering customers and their borrowers, Enact seeks to positively impact the lives of those in the communities in which it serves in a sustainable way. Headquartered in Raleigh, North Carolina, we play an active role in supporting a healthier Triangle community. We also support our colleagues' philanthropic efforts in their home communities across the U.S.

Enact values all perspectives, characteristics and experiences, and DEI remains at the forefront of what we do. We strive to create an environment where employees can bring their full, authentic selves to work to help each other and their customers.

We are proud to be an equal opportunity employer and all hiring decisions are based on merit, qualifications, and business needs. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

WHY WORK AT ENACT

We bring innovative thinking to the situations at hand.

We seek out and incorporate diverse views to strengthen our outcomes.

We work on challenging and rewarding projects.

We offer competitive benefits:

• Hybrid work schedule (shared in-office days Tues/Wed/Thurs)

• Generous Time Off

• 40 Hours of Volunteer Time Off

• Tuition Reimbursement and Student Loan Repayment

• Paid Family Leave and Flexible Spending Accounts

• 401k with up to 5% employer match

• Fitness and Emotional Wellness Reimbursements