About the position
U.S Bank is seeking a Senior Application Security Engineer that specializes in Vulnerability Management. This Application Security Engineer will implement, and support solutions/technologies used for Static code analysis (SCA), Dynamic & Static security testing (DAST SAST), Interactive application security testing (IAST) and threat modelling. The engineer will be leading initiatives to improve application security posture by implementing policies, execute vulnerability management program and evangelizing practices that shift security left. The role offers a hybrid/flexible schedule, which means there's an in-office expectation of 3 or more days per week and the flexibility to work outside the office location for the other days at one of the following locations: Cincinnati, OH; Minneapolis, MN; Charlotte, NC; Irving, TX; Washington, DC.
Requirements
- Typically a Bachelor's degree, or equivalent work experience
- Typically five or more years of experience within application security
- Experience with Fortify, Black Duck, Checkmarx, Synopsys or Veracode
- Past experience as a developer or automation experience
- In depth experience with SAST, SCA or DAST
Benefits
- Healthcare (medical, dental, vision)
- Basic term and optional term life insurance
- Short-term and long-term disability
- Pregnancy disability and parental leave
- 401(k) and employer-funded retirement plan
- Paid vacation (from two to five weeks depending on salary grade and tenure)
- Up to 11 paid holiday opportunities
- Adoption assistance
- Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
