TransUnion's Job Applicant Privacy Notice What We'll Bring: At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation we’re – consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius. Come be a part of our team – you’ll work with great people, pioneering products and cutting-edge technology. What You'll Bring: 3 years of experience in Information Security, Cyber Security or Application Security Ability to communicate and enforce secure coding standards, best practices, and DevSecOps practices Hands-on experience with SAST, DAST, SCA tools (Checkmarx, BlackDuck, Veracode, etc.) Experience working within or alongside a CI/CD pipeline (including code quality gating) Knowledge of OWASP Top-10/ API Top-10 vulnerabilities and how to identify/ remediate them in code We’d Love to See: Development or programming experience, preferably in .Net and C# Prior experience in an enterprise environment Certifications Security , (ISC)2 Associate, GSEC, CEH, etc. Cloud exposure, preferably AWS Impact You'll Make: As a Senior Application Security Engineer you will work with best in class security technologies deployed in the cloud. Your expertise will be vital to maturing the policies and procedures that govern security operations. As a Senior Application Security Engineer, you will execute and drive security posture validation, application testing penetration testing and the management of vulnerabilities. Manage identification, prioritization, and remediation guidance of application security vulnerabilities and threats. Increase the integrity of the software, applications and products by testing and fortifying software at the various stages and environments it moves through during the software development lifecycle (SDLC) and following its release. Implement and perform SAST: Static Application Security Testing, DAST: Dynamic Application Security Testing and SCA: Static Code Analysis Collaborate on the assessment of potential threats and risks to systems and technologies, driving remediation with internal and external partners. Conduct research on tools, tech, and threats and present findings to Enterprise Security leadership, making recommendations to reduce risk. Produce and deliver secure coding training content to information technologists across the enterprise. We’re supported by flexible benefits that not only cover us but our families. We offer a variety of benefit plans and options that vary by region, country and location. •Some highlights that our U.S. associates are eligible for include: •Flexible time off for exempt associates •Tuition reimbursement •Primary parental leave of at least 16 weeks •Secondary parental leave of four weeks •Adoption assistance •Fertility planning coverage •Spousal and domestic partner benefits •Charity gift matching •Employee stock purchase plan •Retirement contributions with employer match •Access to our community of Employee Resource Groups (ERG) #DICE We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law. TransUnion's Internal Job Title: Sr Engineer, Development Ops View TransUnion's Job Applicant Privacy Notice TransUnion is a global information and insights company that makes trust possible between businesses and consumers, by ensuring that each consumer is reliably and safely represented in the marketplace. We do this by having an accurate and comprehensive picture of each person. This picture is grounded in our legacy as a credit reporting agency which enables us to tap into both credit and public record data; our data fusion methodology that helps us link, match and tap into the awesome combined power of that data; and our knowledgeable and passionate team, who stewards the information with expertise, and in accordance with local legislation around the world. Because of our work, organizations can better understand consumers in order to make more informed decisions, and earn their trust through great, personalized experiences, and the proactive extension of the right opportunities, tools and offers. In turn, consumers can be confident that their data identities will result in the opportunities they deserve. We make trust possible, so businesses and consumers can transact with confidence and achieve great things. We call this Information for Good®—it’s our purpose, and what drives us every day.