You haven't searched anything yet.
Job ID | 2024-4892 | Category | Information Services | Type | Full-Time | Workplace policy | Hybrid |
The Application Security Engineer plays a critical role in ensuring the security and integrity of the Bank's applications and systems. This role is responsible for validating that applications and systems are designed and implemented according to the Bank's Policies, Standards, and Guidelines. This role also assesses the security of the underlying components of the application or system such as middle-tier systems and databases. Additionally, this role implements and governs repeatable secure development practices to reduce secure coding errors, design flaws, and other vulnerabilities. As issues are uncovered, the application security engineer communicates with the appropriate technical and business teams to ensure proper risk identification, mitigation, and/or acceptance.
Principal Duties & Responsibilities:
The primary duty of the Application Security Engineer involves performing work directly related to the general business operations of the bank.
The Application Security Engineer regularly exercises discretion and independent judgment in matters of significance, such as:
Lead the automation, development, and execution of DevSecOps best practices, integrating security throughout the software development lifecycle (SDLC).
Support the application vulnerability management lifecycle by implementing and managing static and dynamic application security testing tools.
Validate that applications and systems are designed and implemented with the Bank's security standards by conducting security assessments and audits.
Analyze the security of applications and their underlying services, including dependencies such as middle-tier systems and databases, to identify vulnerabilities and weaknesses.
Implement repeatable secure development practices to minimize the introduction of design flaws and vulnerabilities into applications.
Collaborate with cross-functional teams to prioritize and mitigate security risks, ensuring business continuity without neglecting security.
Provide guidance and recommendations to development teams on security best practices.
Stay informed about the latest security threats and recommending security enhancements.
Performs other duties as assigned.
Proficiency in software development languages such as Java, Python, C , etc., to understand application architecture and identify security vulnerabilities.
Familiarity with dynamic and static analysis tools for code review and vulnerability assessment.
Expertise in DevOps practices and methodologies, with the ability to integrate security seamlessly into CI/CD pipelines.
Knowledge of cloud platforms, particularly Microsoft Azure, and their security features and configurations.
Strong analytical and problem-solving skills to identify and remediate security vulnerabilities effectively.
Excellent communication and collaboration skills to work effectively with cross-functional teams and third-party vendors.
Relevant Certifications:
Full Time
Banking
$89k-111k (estimate)
03/22/2024
05/21/2024
cnb.com
LOS ANGELES, CA
3,000 - 7,500
1968
KELLY COFFEY
$1B - $3B
Banking
With $70.3 billion in assets, City National Bank provides banking, investment and trust services through locations in Southern California, the San Francisco Bay Area, Nevada, New York City, Nashville, Atlanta, Minneapolis, Washington, D.C. and Miami*. In addition, the company and its investment affiliates manage or administer $81.3 billion in client investment assets. City National is a subsidiary of Royal Bank of Canada (RBC), one of North Americas leading diversified financial services companies. RBC serves more than 17 million personal, business, public sector and institutional clients thro...ugh offices in Canada, the United States and 34 other countries. For more information about City National, visit the companys website at cnb.com. *City National Bank does business in Miami and the state of Florida as CN Bank. Copyright 2021 City National Bank, CNB Member FDIC | All Rights Reserved Equal Housing Lender | NMLSR ID# 536994
More
Show less
The job skills required for Application Security Engineer include Application Security, Analysis, Java, Python, Team Development, Computer Science, etc. Having related job skills and expertise will give you an advantage when applying to be an Application Security Engineer. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Application Security Engineer. Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Application Security Engineer positions, which can be used as a reference in future career path planning. As an Application Security Engineer, it can be promoted into senior positions as a Technical Solution Consultant IV that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Application Security Engineer. You can explore the career advancement for an Application Security Engineer below and select your interested title to get hiring information.