Application Security Engineer
Sompo has a unique opportunity for an Application Security Engineer in our Information Security team.
Location: This position will be based out of one of our US locations, preferably the NYC / Purchase, NY / Garden City, NY / Morristown, NJ / Boston, MA / Conshohocken, PA or Charlotte, NC office. We strive for collaboration, which is why we offer a work environment where our employees thrive and develop long-lasting careers.
Our business, your impact, our opportunity:
What you'll be doing:
- Develop and implement application-focused security controls during all phases of Sompo's Secure Software Development Lifecycle and production operations.
- Collaborate, as needed, with development teams to enhance their secure coding practices, application design patterns, and technology selection.
- Maintain a strong familiarity with:
- Sompo's full stack of security technologies and common application architectures
- Regulatory requirements for security and privacy technologies.
- The various Sompo teams who are non-technical subject matter experts on those regulations.
- Industry-standard approaches for aligning development, operations, and security.
- Be responsible for continuously improving our suite of troubleshooting documents, SOPs, and support tools so that the IT support teams can self-resolve / diagnose application-level issues related to security incidents and / or controls.
- Application security review (development lifecycle, technology selection)
- Application security testing and instrumentation (production operations)
- Support of security tooling and automation
What you'll bring:
- Minimum of 5 years of experience in information security.
- Systematic thinking: the ability to take a complex sequence of events and isolate the critical / relevant stages.
- Excellent interpersonal skills: the ability to engage with both end users and IT colleagues to understand a problem and determine fact patterns, measurable requirements, and success criteria.
- Strong understanding of: HTTP, HTML, REST, SOAP, JSON, XML, YAML, and other data formats, web authentication patterns, especially SAML and OAuth, TLS / X509, and cookies, DNS, TCP / IP, and related tools (e.g., interpreting packet captures), Encryption at rest and in flight.
- Development and direct work experience with:
- Languages for automation, especially Python and PowerShell, Query tools.
- Excel for ad-hoc analysis. Must be comfortable aggregating disparate sets of logs and other data for unified analysis.
- Packet captures for low level network troubleshooting
- Application development building blocks, Web application security components
- Native security controls in the Microsoft stack (OS, Office, Edge)
- Ability to write ad hoc queries using one or more of the following: Splunk, PowerShell, Regular expressions, SQL, XPATH
- Ability to write practical audience-relevant documentation related to troubleshooting.
- B.S. in Computer Science or Software Engineering
Salary Range: $115,000 - $165,000
Actual compensation for this role will depend on several factors including the cost of living associated with your work location, your qualifications, skills, competencies, and relevant experience.
At Sompo, we recognize that the talent, skills, and commitment of our employees drive our success. This is why we offer competitive, high-quality compensation and benefit programs to eligible employees.
Our compensation program is built on a foundation that promotes a pay-for-performance culture, resulting in higher incentive awards, on average, when the Company does well and lower incentive awards when the Company underperforms. The total compensation opportunity for all regular, full-time employees is a combination of base salary and incentives that gets adjusted upfront based on overall Company performance with final awards based on individual performance.
We continuously evaluate and update our benefit programs to ensure that our plans remain competitive and meet the needs of our employees and their dependents. Below is a summary of our current comprehensive U.S. benefit programs:
- Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution
- Pharmacy benefits with mail order options
- Dental benefits including orthodontia benefits for adults and children
- Vision benefits
- Health Care & Dependent Care Flexible Spending Accounts
- Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children
- Company-paid Disability benefits with very competitive salary continuation payments
- 401(k) Retirement Savings Plan with competitive employer contributions
- Competitive paid-time-off programs, including company-paid holidays
- Competitive Parental Leave Benefits & Adoption Assistance program
- Employee Assistance Program
- Tax-Free Commuter Benefit
- Tuition Reimbursement & Professional Qualification benefits
In today's world, what do we stand for?
Ethics and integrity are the foundation of delivering on our commitment to you. We believe that core values drive success, and that when relationships are held in the highest regard, there is nothing that cannot be accomplished. At Sompo, our ring is more than a logo, it is a symbol of our promise. To learn more about life at Sompo, visit our website.
Sompo is an equal opportunity employer and we intentionally value inclusion and diversity. Above all, we want you to work in an environment that respects everyone's unique contributions; we are passionately committed to equal opportunities. We do not discriminate based on race, color, religion, sex orientation, national origin, or age.