Lincoln Financial Group Application Security Engineer (Remote) in Topeka, Kansas
Alternate Locations: Work from Home
Hybrid/Flexible: Work at home and use the office as appropriate for in-person collaboration.
Relocation assistance is not available for this opportunity.
Requisition #: 68431
The Role at a Glance
We’re excited to add an Application Security Engineer position to our Application Security team!
_Background Details:_
This person will be responsible for working with application development and infrastructure teams to ensure applications are designed, coded, and implemented in a secure manner that meets the requirements of LFG Security policies and standards. The analyst will drive the improvement of policies, standards, and other supporting documentation. This is a hands-on technical position in which you will find yourself collaborating with multiple groups across the organization. Strong communication skills are needed to explain complex security concepts to a wide variety of technical levels. Experience as a developer is helpful, but not required.
What you'll be doing
Responsible for the security of LFG applications and services
Perform complex security assessments of web and mobile applications
Perform infrastructure and application design reviews
Perform static and dynamic analysis tasks
Review and ensure the implementation of adequate application authentication, authorization, and access control and encryption practices
Manually assess applications for vulnerabilities created by incorrect business logic implementations and other potential vulnerabilities that are not typically identified with the use of automated tools
Evaluate, recommend, and implement application security related software in an automated continuous integration/deployment environment.
Identify, communicate, and drive the resolution of vulnerabilities
Serve as a subject matter expert for application development and infrastructure teams
Communicate effectively with a wide variety of technical levels
Research and advocate for new security solutions and technologies
Stay current on security trends, vulnerabilities, and testing methods
Contribute to related policies, standards, and supporting documentation
What we're looking for
3-5 years of experience in Information Technology that directly aligns with the specific responsibilities for this position
Extensive experience in web application security
Strong knowledge of application security throughout the SDLC
Experience with agile delivery practices
Familiarity with enterprise network infrastructure
Familiarity with common DMZ architectures
Experience integrating security into DevOps practices.
Experience using static application security testing tools such as Fortify, Checkmarx, Veracode, etc.
Experience with dynamic analysis using tools such as AppScan, WebInspect, Burp Suite, and OWASP ZAP
1-3+ years of Penetration Testing experience (Preferred)
Experience conducting source code review preferred
OSCP, OSWE, ISC2 CISSP, CSSLP, GIAC GWAPT, GIAC GSSP-Java, GIAC GSSP-NET (Preferred)
Familiarity with container security scanning platforms like Twistcli
Agile Mindset; awareness/understanding of Agile methodologies
Pay Range: $75,701 - $140,700
Actual base pay could vary based on non-discriminatory factors including but not limited to work experience, education, location, licensure requirements, proficiency and qualifications required for the role. The base pay is just one component of Lincoln’s total rewards package for employees. In addition, the role may be eligible for the Annual Incentive Program, which is discretionary and based on the performance of the company, business unit and individual. Other rewards may include long-term incentives, sales incentives and Lincoln’s standard benefits package.
This position may be subject to Lincoln’s Political Contribution Policy. An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln’s current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and/or fundraising activities. Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Lincoln Financial Group are considered property of Lincoln Financial Group and are not subject to payment of agency fees.
Lincoln Financial Group ("LFG") is an Equal Opportunity employer and, as such, is committed in policy and practice to recruit, hire, compensate, train and promote, in all job classifications, without regard to race, color, religion, sex (including pregnancy), age, national origin, disability, sexual orientation, gender identity and expression, Veteran status, or genetic information. Opportunities throughout LFG are available to employees and applicants and are evaluated on the basis of job qualifications. We have a drug free work environment and we perform pre-employment substance abuse testing.
Benefits at a Glance (https://hrdirectdocs.lfg.com/misc/HR/Recruiting/BenefitsResourcesGuide.pdf)
This Employer Participates in E-Verify. See the E-Verify (https://www.e-verify.gov/) notices.