Application Security Engineer II

$107,500 - $177,400/Yr

Travelers - Saint Paul, MN

posted 10 days ago

Full-time - Mid Level
Saint Paul, MN
Insurance Carriers and Related Activities

About the position

The Application Security Engineer II at Travelers is responsible for enhancing the security of applications within the organization. This role involves conducting advanced security engineering tasks, including application security testing, vulnerability assessment, and providing guidance on secure coding practices. The engineer will collaborate with various teams to implement security strategies, particularly focusing on container security and DevOps integration, while also mentoring junior staff.

Responsibilities

  • Support the development of a container image security strategy including supply chain risk initiatives.
  • Implement and integrate the container image security strategy with DevOps pipelines.
  • Promote a culture around secure container development.
  • Perform security research, application security testing, and interpret vulnerability scan results.
  • Conduct threat modeling and code reviews, advising on defensive coding techniques.
  • Work independently on well-scoped and loosely scoped problems.
  • Seek opportunities to expand technical knowledge and capabilities.
  • Provide technical guidance and mentorship to less experienced employees.
  • Perform other duties as assigned.

Requirements

  • Bachelor's degree plus four years of modern application development or application security experience.
  • Moderate experience with development in AWS.
  • Moderate knowledge and understanding of container security and related risks.
  • Moderate knowledge and experience with CI/CD pipeline technologies such as GitHub Actions, Jenkins, and/or GitLab CI/CD.
  • Experience with container image hardening and base image management.
  • Experience building infrastructure as code (IaC) and analyzing IaC against misconfigurations.
  • Experience with integrating and managing tools involving SAST, SCA, and Secrets scanning capabilities.
  • Familiarity with microservices architecture and design patterns.
  • Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady pace.
  • Demonstrated track record of domain expertise and understanding technical concepts necessary for the job.
  • Strong problem-solving skills and ability to break down large problems into manageable ones.
  • Strong communication skills to articulate information clearly and collaborate effectively.
  • Intermediate leadership skills to create a safe learning environment.

Nice-to-haves

  • Experience with security frameworks and compliance standards.
  • Knowledge of secure coding practices and methodologies.
  • Familiarity with threat modeling techniques.

Benefits

  • Health Insurance coverage for employees and eligible family members from the first day of employment.
  • 401(k) matching contributions dollar-for-dollar up to the first 5% of eligible pay.
  • Pension Plan fully funded by Travelers.
  • Minimum of 20 days Paid Time Off annually plus nine paid company Holidays.
  • Access to a wellness program with tools, discounts, and resources.
  • Mental health program providing access to free professional counseling services.
  • Encouragement for volunteer work with a Matching Gift and Volunteer Rewards program.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service