Search jobs > Draper, UT > Application security

Senior Application Security Engineer

Upbound Group
Draper, UT
Full-time

Job Description

Senior Application Security Engineer

Draper, Utah In-Office)

As a Senior Application Security Engineer for Upbound Group, you will work to support the various processes and procedures related to application security and gather information from product engineering teams related to these activities.

You will make a difference in promoting a culture of security inside the engineering organization and work with engineers to produce more secure applications.

You will work to both collect and disseminate information throughout the business to ensure processes and procedures are operating efficiently and effectively.

You will support the developers in their efforts to secure our applications and assist in the documentation and tracking of various application security and cloud.

About Upbound

Upbound Group, Inc. (effective February 27, 2023 : NASDAQ : UPBD) is an omni-channel platform company committed to elevating financial opportunity for all through innovative, inclusive, and technology-driven financial solutions that address the evolving needs and aspirations of consumers.

The Company’s customer-facing operating units include industry-leading brands such as Rent-A-Center and Acima that facilitate consumer transactions across a wide range of store-based and digital retail channels, including over 2,400 company branded retail units across the United States, Mexico and Puerto Rico.

Upbound Group, Inc. is headquartered in Plano, Texas. Acima is headquartered in Draper Utah.

What You Will Do

  • Collaborate with engineers, consultants, and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC)
  • Build automated code scanning tools to identify security vulnerabilities in application code and infrastructure code using both open source and commercial tools Integrating open-source and / or commercial static application code scanning tools with the CI / CD Pipeline
  • Enable secure-by-default best practices by developing libraries and frameworks to prevent future vulnerabilities
  • Operate at enterprise scale by building and managing tools that help test, monitor, and improve application security
  • Develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and educational materials
  • Provide secure developer training to software engineers on how to write secure code and follow best practices
  • Conduct web app penetration testing, code scanning, dependency scanning that can be incorporated into SDLC process and CI / CD pipeline
  • Work closely and together with the development team to provide guidance and mitigate security vulnerabilities
  • Perform security architecture and design reviews of all systems and applications developed at Acima
  • Provide a leadership role in the development, implementation and maintenance of consistent application and infrastructure architecture security programs

Qualifications

  • 3+ years of experience working in an application security role
  • You have a background in web application development and / or code auditing and can get deep into the code to find and resolve security problems
  • You have experience with static and dynamic code analyzers
  • You have experience with software composition analysis tools
  • Web application penetration testing and source code vulnerability analysis skills
  • Extensive knowledge of internet security issues, cloud architectures, and threat landscape
  • General understanding of application and cloud security threats and vulnerabilities, including OWASP top 10, SANS top 25 etc.
  • Professional security certification : CISSP, GIAC, GWEB, GWAP or other similar credentials.
  • Experience with BurpSuite, Zed Attack Proxy (ZAP), or similar dynamic testing tool
  • Knowledge of current development practices, including containerized applications, microservice architectures, serverless architectures, native mobile applications, responsive web applications, etc. a plus

Benefits / Compensation

  • DTO (discretionary time off).
  • Medical insurance with United Healthcare (IHC network)
  • Health Savings Account (HSA) with company contribution.
  • Dental insurance (Cigna) and Vision insurance (United Healthcare)
  • Paid holidays
  • 401K match 6% / 3%
  • Free Dev lunches every Friday for locals
  • Fully stocked snack bar with beverages
  • Onsite gym and bike locker
  • College tuition reimbursement program (STEM)
  • Free car charging

LI-RF1

30+ days ago
Related jobs
Promoted
BAMM Staffing
Draper, Utah

As a Senior Application Security Engineer, you will work to support the various processes and procedures related to application security and gather information from product engineering teams related to these activities. You will make a difference in promoting a culture of security inside the enginee...

Promoted
L3Harris Technologies
Draper, Utah

Leads and contribute to all Product or Network Information Security Engineering activities pertaining to CDRLs, trade studies, security requirements analysis, secure architecture development, management & compliance with security controls, design review milestones (SRR, SDR, PDR, CDR) and securi...

Upbound Group
Draper, Utah

As a Senior Application Security Engineer for Upbound Group, you will work to support the various processes and procedures related to application security and gather information from product engineering teams related to these activities. Senior Application Security Engineer. You will make a differen...

Delinea
Lehi, Utah

We are looking for a software engineer to work in our cloud-based Privileged and Access Management platform. This role reports to the Director, Software Engineering or Software Development Team Lead. Ability and experience working across multiple teams helping to drive design and engineering discipl...

Oracle
UT, United States

The Application Management Services Team provides Cloud-based Application, Infrastructure and Platform services to allow the Oracle Retail Global Industries Unit to deliver Cloud offerings for our products within the Retail vertical market. Expertise in Weblogic Application Server Administration inc...

Delinea
Lehi, Utah
Remote

This is a senior level engineering position for our Mobile Application team. Reports to the Software Development Senior Manager. Full-stack design and develop features for cross-platform mobile application development using React Native. Guide junior and mid-level engineers in best practices for giv...

Highmark Health
UT, Working at Home, Utah

The Identity & Access Management Senior Security Engineer is responsible for acting as resource, leader, and peer coach with other engineers in the development, testing, implementation, and integration of Identity and Access Management systems and solutions. Experience working within an information ...

Promoted
Gravity IT Resources
West Jordan, Utah

We are looking for an experienced Engineer working on SQL databases hosted on Windows and Linux servers with a strong focus on database migration, re-platforming, and adoption of cloud computing services. Direct experience employed as a programmer developing and maintaining computer software applica...

Promoted
Lion Energy
American Fork, Utah

As Embedded Software Engineer you will be a critical part of the engineering of Lion Energy’s next generation of Energy Storage and Portable Power products. BS in Computer Engineering, Electrical Engineering, Computer Science, or a related discipline. Work tightly with hardware engineering in ...

Promoted
Trove Brands
Lehi, Utah

We are seeking a motivated and talented Software Developer Intern to join our dynamic development team. This internship is designed to provide hands-on experience in software development, coding, testing, and problem-solving, offering exposure to the full software development lifecycle. Assist in th...