Senior Application Security Engineer

Lawrence Harvey has partnered with a San Francisco Bay Area Financial Services firm as they expand their security team in the U.

S.. This role plays a key part in shaping and advancing the application security program, working closely with development teams to integrate security into the software development lifecycle (SDLC) and manage vulnerabilities.

Key Responsibilities :

• Lead Application Security Program : Oversee and enhance the application security program, ensuring alignment with global security strategies and compliance with regulatory standards.
• Secure Software Development : Collaborate with development teams to embed security practices into the SDLC, including secure coding, threat modeling, and conducting code reviews.
• Vulnerability Management : Manage the identification, assessment, and remediation of application vulnerabilities through tools such as vulnerability scanning and penetration testing.
• Security Tooling & Automation : Implement and integrate security tools and automation to streamline testing, monitoring, and secure code analysis processes.
• Cross-Functional Collaboration & Training : Work with cross-functional teams to ensure security is prioritized in all projects, and lead training initiatives to raise awareness of application security among stakeholders.

Qualifications :

• Minimum of 5 years of experience in cybersecurity, secure software development, or a related area, ideally all within application security
• Bachelor’s degree in Computer Science, Information Security, or a related field
• Strong understanding of application security principles, frameworks, and standards, including OWASP, SANS, and NIST.
• Experience establishing secure coding practices, code review methodologies, and vulnerability management tools.
• Excellent problem-solving and analytical skills, with a focus on identifying and mitigating security risks.
• Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams.

Preferred Qualifications :

• Experience working in a DevOps environment
• Knowledge of cloud security, particularly in AWS, Azure, or GCP environments.
• Familiarity with financial technology (fintech) regulations and standards.
9 days ago