Application Security Engineer

Skills

Bachelor’s degree in computer science Information Security or equivalent experience Proven experience working as an Application Security Engineer. Strong understanding of software development processes and methodologies. Ability to work collaboratively in a team environment and adapt to a dynamic and evolving security landscape. Hands-on experience with security tools and vulnerability report analysis. Knowledge of security standards and frameworks like OWASP NIST and CIS. Excellent communication skills to convey complex security concepts and findings to both technical and non-technical stakeholders. Strong analytical skills and proficiency in data analysis tools and technologies.

Description

Collaborate with development teams to identify and mitigate product and solution architecture security vulnerabilities.
Engage closely with Jack Henry's enterprise security team and Credit Union (CU) solution development teams to conduct thorough enterprise security assessments, review findings, and implement highly effective remediation strategies.
Provide guidance and training to development teams on secure coding practices and security best practices.
Attend software architecture review sessions to assess designs from a security standpoint, ensuring compliance with established security standards, policies, and requirements. Contribute by providing insights, asking pertinent security-related questions, and offering recommendations to enhance the security posture of the proposed solutions.
Stay current on security threats, trends, and technologies to address emerging risks proactively.
Effective communicator delivering key messages to team stakeholders and business partners using clear, informative verbal and written communications.
Experience in application and product security coupled with a strong understanding and knowledge of relevant technology stacks.
Understanding of software development and system configurations and being able to recommend modifications to those to ensure better security posture.

Responsibilities

• Coding experience with two or more programming languages
• Familiarity with PCI DSS (Payment Card Industry Data Security Standard) requirements and best practices
• Experience with penetration tests and penetration test report analysis.
• Understanding of three or more security domains (such as platform security, network security, application security, etc.).
• Knowledge of security information and event management (SIEM) systems and security data analytics tools.