Application Security Engineer - Open To Remote

Afmic American Family Mutual Insurance Company, S.I. Madison , WI 53706

Posted 2 months ago

At American Family Insurance, we believe people are an organization's most valuable asset, and their ideas and experiences matter. From our CEO to our agency force, we're committed to growing a diverse and inclusive culture that empowers innovation that will inspire, protect, and restore our customers' dreams in ways never imagined.

American Family Insurance is driven by our customers and employees. That's why we provide more than just a job - we provide opportunity.

Whether you're already part of our team in search of a new challenge or new to our company and ready for what's next, you're in the right place. Every dream is a journey that starts with a single step. Start your journey right here.

Join our team. Bring your dreams.

Job ID: R25708 Application Security Engineer - Open to Remote (Open)

Compensation may vary based on the job level and your geographic work location.

Compensation Minimum:$88,400

Compensation Maximum:$141,600


Responsible for driving secure software development and testing practices with the goal of protecting commercial, internal, external applications, and data.
Solid foundations in application development and understanding of how information security is used to identify potential risks in design, code, or in deployed applications.
Providing security guidance to development teams is required. Successful candidate will be curious, innovative, and an automation enthusiast to help drive implementation of DevSecOps in the full SDLC.
Collaboration and communication skills will be needed to deliver technical application security analysis, internal/external threat analysis, and security control gap analysis for technical and business stakeholders.
Candidate must be committed to and understand the importance of building security solutions that scale both technically and organizationally, and adapt to changing business requirements.

Depending on qualifications, candidates can be considered at any level.
Job Description:
Job Level Summary
Requires in-depth conceptual and practical knowledge in own job discipline and basic knowledge of related job disciplines. Solves complex problems. Works independently, receives minimal guidance. May lead projects or project steps within a broader project or may have accountability for on-going activities or objectives. Acts as a resource for colleagues with less experience.
Primary Accountabilities

Develop, integrate, and test security controls within application development framework. Build strong relationships with peers across functions through collaborative engineering operations and initiatives.

Engages with developers to provide remediation support. Design and implement automated solutions to enable security needs. Designs and develops system-security measures to ensure adequate controls are fully integrated.

Validates current and future-state architectural models to assess impact across all security technology systems. Analyzes security access risk gaps and recommends mitigating and compensating security controls. Leads and participates in outage/SWAT meetings to mitigate security access issues.

Implements security best practices and standards across varied engineering teams and environments. Conducts code reviews with a combination of static testing, manual reviews, and dynamic analysis. Performs application design reviews of internal products and applications.

Assists in vulnerability assessments of internal products and applications. Participate in and conduct application threat modeling exercises in order to identify and drive risk decisions, and influence technical designs and architectures.

Travel Requirements
This position requires travel up to 10% of the time. Education & Licenses
Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent work experience. Specialized Knowledge & Skills Requirements
Demonstrated experience providing customer-driven solutions, support or service. Solid knowledge and understanding of software engineering architectures, system/software designs, and system deployments. Solid knowledge and understanding of Cyber Security, Cyber Engineering, Computer Science, Software Engineering. Solid knowledge and understanding of security technologies and application development methodologies. Demonstrated experience performing cyber threat analysis and incident response. Working knowledge of penetration testing. Solid knowledge and understanding of directory services and identity stores.
Additional Job Information: Strongly Preferred Skills
Solid understanding of common web application technologies, languages, and frameworks. Experience coaching development teams and product owners on building security practices throughout the SDLC and managing and prioritizing risk in an Agile environment. Knowledge of common application vulnerabilities (e.g. OWASP Top 10) and remediation tactics/strategies. Experience working in numerous Cloud and CI/CD environments. Ability to educate software engineers on coding best practices and the latest attack vectors. Mobile app/dev/sec experience. Security+, SSCP, CCSP, CSSLP, CISSP a plus
o Offer to selected candidate will be made contingent on the results of applicable background checks
o Offer to selected candidate is contingent on signing a non-disclosure agreement for proprietary information, trade secrets, and inventions
This role is open to remote work.

When you work at American Family you can expect benefits that support your physical, emotional, and financial wellbeing. You will have access to comprehensive medical, dental, vision and wellbeing benefits that enable you to take care of your health.

We also offer a competitive 401(k) contribution, a pension plan, an annual incentive, and a paid-time off program. In addition, our student loan repayment program and paid-family leave are available to support our employees and their families. Interns and contingent workers are not eligible for American Family Enterprise benefits.

We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.

Stay connected: Join Our Enterprise Talent Community !

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cloud Application Security Engineer

Massmutual Financial Group

Posted 1 week ago

VIEW JOBS 1/13/2022 12:00:00 AM 2022-04-13T00:00 Do you want to be part of a team that encourages your growth, supports your ambitions and makes it a priority for you to reach your goals? Is helping people part of who you are? At MassMutual, we help millions of people find financial freedom, offer financial protection and plan for the future. We do this by building trust with our customers by being knowledgeable problem solvers and prioritize their needs above all else. We Live Mutual. Description At MassMutual, we're passionate about helping millions of people find financial freedom and this passion has driven our approach to developing highly interactive digital experiences for our customers. As such, security is an integral part of our mission and we are looking for the right experts to join us. To help us achieve our mission, we are hiring a Cloud Application Security Engineer to join our team. What great looks like in this role: Our ideal candidate is passionate, collaborative and highly knowledgeable in the cloud security space. You'll use your skills to make a significant impact in an area with high visibility. As such, we are looking for an exceptional candidate that will help build the enterprise-wide cloud security controls and lead the development, execution, and enhancements of MassMutual's cloud cyber security risk assessment and governance program producing key performance indicators to drive the right behavior over time. Objectives of this role * Act as the security liaison on the cloud migration team. * Review applications to be migrated for potential additional changes needed to security. Daily and monthly responsibilities * Influence major stakeholders and work with them to implement the Cloud Security Controls in Cloud environments (IaaS/PaaS). * Perform the control gap assessments to prioritize the implementation of Security Controls across multiple Cloud environments (IaaS/PaaS) * Evaluate applications as they migrate to the cloud for potential security changes. * Work with the application teams to implement the security controls and configurations for the Hybrid Cloud environment. Skills and qualifications * 5 years of experience with building software * 3 years of experience with software security * 3 years of experience with cloud (AWS or Azure) * Being able to define proper risk levels that align with the company risk appetite and do not diminish velocity or innovation. * Expert knowledge of Cloud methodologies (IaaS, PaaS, SaaS), automation, orchestration, cost frameworks, trends, and industry-leading cloud vendor offerings and integrations. * Experience with DevSecOps and Agile Methodologies along with experience with third-party Cloud security tools and dealing with Cloud Native Application Architectures and their associated security implications. * Strong interpersonal, verbal presentation and written communication skills along with the ability to work independently. * Ability to interface with stakeholders, utilizing consulting and negotiating skills * Able to work east coast hours * Willing to travel to Boston, MA; NY, NY, and Springfield, MA as needed. * Bachelor's Degree in Computer Science/Engineering or equivalent Preferred qualifications: * Cloud providers certifications: DevOps Foundation, CISSP, Secure Software Practitioner (SSP), AWS Foundations, Azure Foundations Target job salary: $82,300.00 - $143,300.00 USD Annual #LI-BO1 #LI-Remote Why Join Us. We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard. Recognized as a 2020 World's Most Ethical Company by Ethisphere, MassMutual is guided by a single purpose: We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual. MassMutual is an Equal Employment Opportunity employer Minority/Female/Sexual Orientation/Gender Identity/Individual with Disability/Protected Veteran. We welcome all persons to apply. Note: Veterans are welcome to apply, regardless of their discharge status. Massmutual Financial Group Madison WI

Application Security Engineer - Open To Remote

Afmic American Family Mutual Insurance Company, S.I.