Application Security Engineer

Allspring - Charlotte, NC

posted 4 days ago

Full-time
Hybrid - Charlotte, NC

About the position

The Application Security Engineer at Allspring Global Investments will play a crucial role in enhancing the security practices within the software development lifecycle. This position involves working closely with various teams to implement effective security measures and innovative cloud technologies, ensuring the security and compliance of applications in a hybrid working environment.

Responsibilities

  • Act as an expert and builder for cloud-based technologies, prioritizing security, performance, operability, and scalability.
  • Support the implementation of advanced front-end technologies within technology and business groups as an in-house specialist.
  • Foster strong relationships with developers, technology teams, solution teams, and business application owners.
  • Develop and implement effective security measures by following established industry standards.
  • Develop and implement innovative cloud technologies to differentiate our offerings.
  • Collaborate and consult with technical experts, technology teams, and external industry groups to address complex technical issues and achieve our goals.

Requirements

  • Bachelor's degree or higher in MIS, CS, or another technology-related field OR equivalent combination of education and work experience.
  • 5+ years of engineering and technology experience, preferably in Financial Services, Technology, or a related field.
  • 2+ years of experience in static code analysis using SonarQube and Jfrog Xray or other industry-standard scanning tools.
  • 2+ years of experience working within a DevSecOps framework, including expertise in version control, continuous integration, continuous testing, configuration management, and secure containerization.
  • 2+ years of experience with applications running in AWS, including knowledge of AWS Security in areas such as IAM and KMS.
  • 2+ years of experience conducting security assessments of Cloud-based applications and ensuring compliance with relevant standards and frameworks.
  • 2+ years of experience with AWS or other hyperscale cloud provider implementation.
  • Demonstrated expertise in strengthening applications by implementing effective strategies in areas such as Identity and Access Management, Data Security, Container Security, and Secrets Management.
  • Knowledge of secure containerization, with experience using industry-standard containerization platforms such as AWS ECS and Kubernetes.
  • Understanding of common application attack vectors within industry-standard frameworks like OWASP and MITRE ATT&CK.

Nice-to-haves

  • Familiarity with Jenkins or another industry-standard software build automation platform.
  • Proficiency in C-based programming languages (C#/C++) as well as web development languages such as JavaScript and Node.js.
  • Ability to multitask in a fast-paced environment and prioritize duties to meet deadlines with limited supervision.
  • Excellent verbal and written communication skills.
  • Strong influencing and consensus-building skills.
  • Proven track record of approaching challenges with a strategic problem-solving approach.
  • Effective teaching and mentoring abilities.
  • Impressive presentation and communication capabilities.
  • Willingness to occasionally travel outside of the primary work location.
  • Demonstrated success working effectively in a heavily distributed environment.
  • Consulting experience is a plus.
  • Track record of maintaining strong documentation.
  • Capability to share knowledge with essential team members and serve as a valuable resource.
  • Demonstrated ability to deliver on-call support and resolve challenges autonomously.
  • Confidence in interacting with counterparts at all levels within the organization.
  • Proficient in identifying and finding solutions to complex problems.
  • Demonstrated ability to collaborate with teams across multiple locations.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service