Apply Now

Senior Security Engineer AppSec

• Posted 2 hours ago • Updated 2 hours ago

Full Time

On-site

USD $100,000.00 - 160,000.00 per year

Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

Finance
Media
Private Equity
Venture Capital
Cyber Security
DevOps
Security Controls
Continuous Integration
Continuous Delivery
Workflow
Security QA
Testing
OWASP
Mapping
Web Application Security
Endpoint Protection
Web Applications
Firewall
Penetration Testing
Collaboration
Internet
ServiceNow
JIRA
Reporting
Leadership
Regulatory Compliance
Gramm-Leach-Bliley Act
Sarbanes-Oxley
System On A Chip
Impact Analysis
Business Intelligence
Training
Software Security
DevSecOps
GitHub
WAF
API
Software Development Methodology
Threat Modeling
Vulnerability Management
Management
Communication
Stakeholder Engagement
Legal
Authorization

Summary

{"description": " Introduction

Since 1973, East West Bank has served as a pathway to success. With over 110 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private equity and venture capital, and high-tech help build sustainable businesses and expand our associates' potential for career advancement.

Headquartered in California, East West Bank (Nasdaq: EWBC) is a top-performing commercial bank with a strong foundation, an enterprising spirit and a commitment to absolute integrity. East West Bank gives people the confidence to reach further.

Overview

The Senior Cyber Security Engineer will lead and execute security initiatives across the application lifecycle, integrating security into DevOps pipelines, managing vulnerability assessments, and coordinating penetration testing efforts. This role ensures that applications are secure by design and resilient against evolving threats.

Responsibilities

Application Security & DevSecOps Integration

Embed security controls into CI/CD pipelines using GitHub workflows and automation tools.
Collaborate with development teams to implement secure coding practices and threat modeling during design and development phases.
Manage GitHub Advanced Security configurations, including secret scanning, push protection, and impact analysis.

Security Testing & Vulnerability Management

Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using approved tools (e.g., CodeQL, Dependabot, OWASP ZAP).
Perform manual and automated code reviews to identify vulnerabilities and ensure remediation through code fixes or configuration changes.
Maintain accurate mapping of applications to GitHub repositories to support vulnerability tracking and reporting.

API & Web Application Security

Perform regular API security assessments and integrate monitoring tools like Data Theorem for endpoint protection
Implement and manage Web Application Firewall (WAF) policies and monitor logs for threat detection

Penetration Testing Coordination

Scope and schedule internal and third-party penetration tests for internet-facing and extranet applications
Validate findings, coordinate remediation with development teams, and track progress in ServiceNow and Jira

Metrics, Reporting & Compliance

Generate and present vulnerability metrics to senior leadership, highlighting risk posture and remediation progress
Ensure compliance with internal standards and regulatory requirements (e.g., GLBA, SOX, SOC2)

Training & Enablement

Deliver targeted training sessions based on impact analysis and vulnerability trends to improve developer awareness
Lead bi-weekly AppSec Management Update & Post-Finding Review Training meetings
May perform other duties as assigned

Qualifications

3+ years of experience in application security, DevSecOps, or related fields.
Proficiency in GitHub, SAST/DAST tools, WAF technologies, and API security frameworks.
Strong understanding of secure SDLC, threat modeling (e.g., STRIDE), and vulnerability management.
Experience coordinating penetration tests and managing third-party vendors.
Excellent communication and stakeholder engagement skills.

Applicants must have legal authorization to work in the United States. We do not offer visa sponsorship at this time.

Compensation

The base pay range for this position is USD $100,000.00/Yr. - USD $160,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.", "salary_raw": "Row(double=None, string='The base pay range for this position is USD $100,000.00/Yr. - USD $160,000.00/Yr. Exact offers will be determined based on job-related knowledge, skills, experience, and location.')"}

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 90922487
Position Id: 24099896
Posted 2 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Senior Application Security Champion

Irving, Texas

•

Today

Our large financial client is seeking an experienced application security professional who has exposure to AI/LLM Enabled Applications. The client is not seeking an AI expert but rather a skilled application security professional who has some experience in AI as it pertains to this job. This role is 3 days on site and will require experience in the following tops skills. Top Skills' Details 1. 5+ years of application security experience with developer enablement - Experience with SAST/DAST/ SC

Full-time

USD 69.50 - 74.00 per hour

Security Controls Engineer

Irving, Texas

•

Today

Location: Irving, TX Salary: $110,000.00 USD Annually - $120,000.00 USD Annually Description: Job Title: Security Controls Engineer Location: Irving, TX Employment: Fulltime Job Description Must Have Technical/Functional Skills Cloud (AWS, Azure, Google Cloud Platform), Python, Terraform, OPA, SIEM (Splunk SPL, YARA) Roles & Responsibilities Minimum of 3-5 years of experience in DevSecOps engineering with a focus on cloud environments (AWS, Google Cloud Platform, Azure), ideally working with

Full-time

USD 110,000.00 - 120,000.00 per year

Senior Cybersecurity Engineer

Dallas, Texas

•

Today

JobID: 52987 Senior Cybersecurity Engineer Pay $135,000 per year Location Fort Worth, TX (Hybrid: 2 days in-office, typically Tuesday and Wednesday) Summary A luxury travel company experiencing substantial growth, is seeking a Senior Cybersecurity Engineer to join their expanding technical team. This role focuses on enhancing and defending the cybersecurity posture across cloud environments, with an emphasis on Azure and SaaS security. The ideal candidate will bring strong expertise in cloud

Easy Apply

Full-time

USD 135,000.00 per year

Senior Security Engineer

Dallas, Texas

•

Today

{"description": " Introduction Since 1973, East West Bank has served as a pathway to success. With over 110 locations across the U.S. and Asia, we are the premier financial bridge between the East and West. Our teams of experienced, multi-cultural professionals help guide businesses and community members on both sides of the Pacific looking to explore new markets and create new opportunities, and our sustained growth and expertise in industries like real estate, entertainment and media, private

Full-time

USD 160,000.00 - 220,000.00 per year

Search all similar jobs