Senior Application Security Engineer

Remote in Buffalo, NY, US • Posted 9 days ago • Updated 2 hours ago

Full Time

On-site

USD $97,100.00 - 161,800.00 per year

Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

Information Security
Information Technology
Information Systems
Leadership
Authentication
Encryption
Research
Regulatory Compliance
DevOps
Training
Information System Security
Incident Management
Policies and Procedures
SAP BASIS
Brand
Internal Control
Auditing
Supervision
Higher Education
Software Development
Software Development Methodology
Application Development
SCA
Testing
Web Applications
OWASP
Cloud Computing
Communication
Cyber Security
Coaching
Management
Continuous Integration and Development
Continuous Integration
Continuous Delivery
Instrumentation
Programming Languages
Agile
Version Control
Software Security

Summary

Overview:

Responsible for capturing and refining information security requirements and ensures their integration into information technology component products and information systems through purposeful security design or configuration. Provides advanced working guidance to technology teams and leadership in the areas of secure coding, application authentication, encryption, and quickly research and become competent in other areas as needed.

Primary Responsibilities:

Develop and implement engineering's technical security policies and procedures, and performance of security measures,
Scan and test applications for potential vulnerabilities and non-compliance with security standards,
Partner with engineering teams during code reviews to identify potential security vulnerabilities and advise strategies to develop more secure code,
Integrate security tools and processes into the software development and operations (DevOps) pipeline, including automation of security checks and scans to identify and fix vulnerabilities early in the development process.
Lead training sessions for technology teams in one-on-one coaching and large team training sessions on secure coding practices and information system security best practices.
Configure and manage automated tools and solutions to address security weaknesses in applications, systems, and infrastructure.
Partner closely with incident response teams to mitigate the impact of incidents from application security vulnerabilities and identify necessary steps to remediate findings.
Proactively recommend process enhancements and implement prioritized improvements within Cybersecurity team to enhance application security capabilities.
Track current events, technological advancements, and changes in the secure application development landscape to anticipate how attackers may change their tactics, and implement adjustments to internal technologies, policies, and procedures.
Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.

Promote an environment that supports belonging and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.

Scope of Responsibilities:

Partners primarily with individual contributors and leaders within Cybersecurity and Technology, and occasionally senior leaders within Cybersecurity.
Determines and develops approach to solutions. Work is accomplished with periodic check-ins for alignment and limited direction. Work is evaluated upon completion to ensure objectives have been met.
Proficient ability to use multiple Cybersecurity tools, specific to function.
This role is used within Cybersecurity, typically in one of the following ways:
- Application Security - partners with engineers and developers to secure first-party and third-party code by reviewing the application, data, and systems it interacts with.
- Product Security - secures products by ensuring they are designed, developed, and delivered in a secure manner".

Manager Responsibilities:

No supervisory responsibilities

Education and Experience Required:

Bachelor's degree and a minimum of 3 years' relevant work experience, or in lieu of a degree, a combined minimum of 7 years' higher education and/or work experience, including a minimum of 5 years software development or application security
Prior experience reviewing or fixing vulnerabilities identified using application security tools such as static application security testing (SAST), software composition analysis (SCA), interactive application security testing (IAST), dynamic application security testing (DAST), or application security posture management (ASPM) suite
Intermediate understanding of the Software Development Life Cycle (SDLC)
Ability to train technologist and people leaders at various levels on secure application development, both in person and virtually
Excellent communication and interpersonal skills

Education and Experience Preferred:

Intermediate experience reviewing or fixing vulnerabilities identified using application security tools such as static application security testing (SAST), software composition analysis (SCA), interactive application security testing (IAST), dynamic application security testing (DAST), or application security posture management (ASPM) suite
Understanding of common software weaknesses that impact cloud and web applications, beyond the Open Worldwide Application Security Project (OWASP) Top 10
Demonstrable experience developing and maintaining automation for application security tasks and defect identification
Experience developing enterprise applications
Knowledge of secure configuration of cloud-native and containerized apps in one or more Cloud environments
Certifications in the area of Application Security
Proficient persuasive communication skills to gain buy-in of others in cybersecurity and technology teams
Ability to create an effective learning environment that allows for maximum learner results
Must be comfortable with providing 1-1 coaching for all levels of individual contributors and up to SVP management
Ability to build and maintain effective relationships within and across multiple technical teams
Prior experience utilizing continuous integration and continuous deployment (CI/CD) pipeline instrumentation
Highly proficient at coding with one or two programming languages
Highly proficient with Agile development methodologies and version control systems
Experience defining and reviewing software security features and capabilities

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $97,100.00 - $161,800.00 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.

Location
Buffalo, New York, United States of America

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 80180520
Position Id: f716c0a95c38e169c711e5f7953bc80
Posted 9 days ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Tysons, Virginia

•

Today

Software Guidance & Assistance, Inc., (SGA), is searching for an Sr. Application Security Engineer for a Contract assignment with one of our premier Regulatory clients in Tysons, VA The main function of senior application security engineer is to plan, coordinate and implement application security practices in each phase of software development life cycle though testing, remediation support, tool evaluation, etc. This role involves in evaluating security vulnerabilities, security tools, imp

Contract

USD 75.00 - 82.00 per hour

Lead Cybersecurity Engineer - Vulnerability

Remote or Buffalo, New York

•

Today

This role offers a hybrid work schedule providing the opportunity for in-person collaboration at our Buffalo, NY location. Overview: Responsible for designing and implementing large scale-scale security systems and solutions to develop or enhance new or existing security solutions, solving advanced complex problems or enhancements. Acts as knowledge resource for and trains less experienced engineers. Completes day-to-day support activities and special projects. Primary Responsibilities: Design

Full-time

USD 116,400.00 - 194,000.00 per year

Lead PAM Engineer

Remote or Buffalo, New York

•

Today

This role offers a hybrid work schedule providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub. Overview: Responsible for designing and implementing large scale-scale security systems and solutions to develop or enhance new or existing security solutions, solving advanced complex problems or enhancements. Acts as knowledge resource for and trains less experienced engineers. Completes day-to-day support activities and special projects. Primary Responsibilities: Lead th

Full-time

USD 116,400.00 - 194,000.00 per year

Senior Specialist - Technology and Cybersecurity Risk

Remote or Buffalo, New York

•

Today

Overview: Leads risk analysis for complex initiatives, influencing overarching risk framework and providing advanced guidance to leadership for informed decision-making aligned with organizational imperatives. Primary Responsibilities: Develop and implement strategic approaches for in-depth risk assessments for comprehensive coverage of all technology capabilities.Develop and execute sophisticated risk management framework and programs that informs how to align practices with business objective

Full-time

USD 123,600.00 - 206,000.00 per year

Search all similar jobs

Senior Application Security Engineer

Dice Job Match Score™

Job Details

Skills

Summary

Similar Jobs