Associate Security Engineer - Application & Product Security

Jacksonville, FL, United States

Associate Security Engineer – Application & Product Security page is loaded

Associate Security Engineer – Application & Product Security

Apply

locations

Jacksonville, FL - VyStar Tower

time type

Full time

posted on

Posted 2 Days Ago

job requisition id

R0009538

At VyStar, we offer competitive pay, an excellent benefit package that includes a 401(k) Plan, an extensive paid technical and on-the-job training program, and tuition

reimbursement--available

to all full and part time employees. Part time positions start at a minimum of 30 hours per week.

We encourage you to become a part of VyStar Credit Union's family of employees.

Associate Security Engineer – Application & Product SecurityACCOUNTABILITY STATEMENT

In support of the AVP, Application Product Security, the Application & Product Security Engineer will perform various functions, including the collaboration and assurance of building processes for securing software applications, ability to create and integrate security standards through assessments, advisement, and coordinating with the AVP in consultative engagements with various business units (directly and via their technology delivery teams). Application Security focuses on partnerships with multiple product teams to drive risk reduction through a thoughtful, targeted, and collaborative model. This role will help to support the AVP in communicating security to many audiences, including business and technical leaders and individual contributors, as well as others within the Information Security Team.

ESSENTIAL FUNCTIONS:

Support Security Enablement via an Agile Method: Support multiple concurrent security integration initiatives with various business units for various development and deployment projects in offset phases within an agile framework with a dedicated staff of specialists through the requirements, design, development, and operating phases.

Support the AVP, Application and Product Security in implementing a robust Customer Identity and Access Management (CIAM) function to ensure security and privacy aspects to registration, authentication, self-service, personalization of experience and privacy of member data is secure and meets required regulatory

requirements. Specifically,

Supports scalability of platform to meet the needs of members based on product or services enablement.

Implement required authentication and identity parameters (e.g., SSO, MFA, geo-location, etc.)

Implement attack protection for CIAM across enterprise public-facing platforms through enablement of services such as Web Application Firewall (WAF), DDoS, Bot protections ensuring robust monitoring, alerting and actionable policies are in place to protect against external threats.

Support program strategy for API security, mergers and acquisitions evaluations, and open-source security.

Support the AVP, Application and Product Security in the implementation of secure engineering practices such as design & code reviews, threat modeling, penetration testing, continuous integration, and security focused behavior-driven

development. Specifically:

Threat Modeling: Support threat modeling for

platform/applications/services

that deliveries core services to B2B and B2C customers.

Secure Software Development: Implement and support security services and practices including static and dynamic scanning and code review, Penetration testing, open and internal sourced component lifecycle management, SDLC policies and standards.

Support the design development, and validation of secure code of systems, solutions and processes from a security perspective and premise, hybrid and with multiple cloud providers.

Support secure code reviews with internal and external product teams.

Support application security continuous improvement plan and drive execution by driving best practices within teams with respect to security policies, procedures, standards, and guidelines in line with industry leading practices for on-prem, hybrid and cloud specific environments, application and product development.

Support secure development through the CI/CD pipelines, toolchains, and operations on secure code practices.

Perform other duties and responsibilities as assigned.

JOB QUALIFICATIONS

EDUCATION

High school diploma or GED required

Bachelor’s degree in Information Security, Computer Science, Information Systems, or another related field is preferred

CERTIFICATIONS

Security+ and GSEC security certifications are preferred. Career development plan to include certifications upon hire.

EXPERIENCE

0-2+ years Information Security experience

0-2+ years Application/Product Security experience

KNOWLEDGE, SKILLS, & ABILITIES

Knowledge of security offerings within one or multiple major cloud platforms (Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), etc.) preferred.

Knowledge of container and service-oriented security architecture for cloud-based services preferred.

Knowledge with a modern SDLC including CI/CD pipelines, cloud architecture, API economies, and container deployment preferred.

Knowledge of enterprise applications (support, and troubleshooting) preferred.

Knowledge of application security tools, functions, and services similar to Snyk, Veracode, Netsparker, BurpSuite, Imperva, Radware, BugCrowd, SD Elements, OPSWAT, Okta, ThreatMetrix, and Auth0 preferred.

Demonstrated self-starter with strong analytical skills.

Ability to manage multiple tasks simultaneously and meet established deadlines.

Ability to collaborate with business teams on technology & security-related controls, tasks, and projects.

Ability to work productively while remote and communicate effectively in a virtual team and on location hybrid work environment.

Ability to work within agile and waterfall project methodology.

Ability to stay current with new technology.

Ability to support appropriate Information Security and Technology standards to meet business requirements.

DISCLAIMERS AND WORK ENVIRONMENT

Nothing in this position description is an implied contract for employment. The position description is intended to be an accurate account of the essential functions. The functions are not all encompassing and are subject to change at any time by management. The work environment characteristics described are representative of those that an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. As required or requested, may exert up to 20 pounds of force occasionally and/or a negligible amount of force constantly to lift, carry, push, pull or otherwise move objects.

VyStar Credit Union is not seeking outside assistance or accepting unsolicited resumes from staffing agencies or search firms for employment or contractor opportunities. Any resumes submitted by an outside vendor to any employee at VyStar via e-mail, internet, or directly to hiring managers without a valid written search agreement with the Talent Acquisition / HR department will be deemed the sole property of VyStar Credit Union.

No placement fee will be paid if a candidate is hired as a result of the referral, or through other means.

Thank you for your inquiry regarding our current job opening. Your resume will be carefully reviewed against the position requirements. Should your experience and skills match, you will be contacted by one of our Human Resources department staff members.

Thank you again for your interest in this position!

VyStar Credit Union Human Resources

About Us

VyStar Credit Union has a rich history of providing financial services and community support. VyStar was originally founded as Jax Navy Federal Credit Union in 1952 to serve military members, civil services employees and their families at Naval Air Station Jacksonville. In the more than 70 years since then, we have expanded our field of membership to now serve 49 counties in Florida and 29 counties in Georgia. As we have grown, we have continued to provide excellent service to our members and our communities. Today, we serve over 925,000 members, including 50,000 small business members, making us one of the largest financial institutions in Northeast Florida ($13.5 billion in assets) and one of the largest credit unions in the country. We are guided by our purpose to Do Good.

#J-18808-Ljbffr