Senior Application Security Engineer

Date: Jun 28, 2019

Location: Greensboro, NC, US

Company: Lincoln Financial



Alternate Locations: Atlanta, GA (Georgia); Concord, NH (New Hampshire); Fort Wayne, IN (Indiana); Greensboro, NC (North Carolina); Hartford, CT (Connecticut); Omaha, NE (Nebraska); Philadelphia, PA (Pennsylvania); Radnor, PA (Pennsylvania); Rolling Meadows, IL (Illinois); Work from Home


Relocation assistance will be considered/provided for this opportunity within our company guidelines.


Requisition #59654


 

About the Company

 

Lincoln Financial Group, a Fortune 250 company with over 10,000 employees, provides advice and solutions that help empower Americans to take charge of their financial lives with confidence. Our core business areas — Life Insurance, Annuities, Retirement Plan Services and Group Protection — focus on supporting, preserving and enhancing over 17 million customer’s lifestyles and retirement outcomes.

Headquartered in Radnor, Pennsylvania, Lincoln Financial Group is the marketing name for Lincoln National Corporation (NYSE: LNC) and its affiliates. The company had $238 billion in assets under management as of December 31, 2018.

Ranked one of the Best Large Employers in America by Forbes magazine, Lincoln Financial Group makes a serious investment in our employees’ futures through a broad range of wealth accumulation and protection plans, health and wellness programs, and career development resources designed to help each individual reach their personal and professional goals.

 

The Role

 

The Sr. Application Security Analyst is responsible for working with application development and infrastructure teams to ensure applications are designed, coded, and implemented securely. S/he will be will act as a subject matter expert on design review, code review, and dynamic analysis. S/he will drive the improvement of policies, standards, and other supporting documentation. This is a hands-on technical position that you will find yourself collaborating with multiple groups across the organization. Strong communication skills are needed to explain complex security to a wide variety of technical levels. Experience as a developer is helpful, but not required.

 

 

Responsibilities

 

• Responsibility for the security of LFG applications and services

• Conduct design review, code review, and dynamic analysis

• Identify, communicate, and drive the resolution of vulnerabilities

• Serve as a subject matter expert for application development and infrastructure teams

• Communicate effectively with a wide variety of technical levels

• Perform security assessments of web and mobile applications

• Research and advocate for new security solutions and technologies

• Stay current on security trends, vulnerabilities, and testing methods

• Contribute to related policies, standards, and supporting documentation

 

 

Education

 

• Undergraduate degree or 4+ years of comparable work experience

• OSCP, OSWE, ISC2 CISSP, CSSLP, GIAC GWAPT, GIAC GSSP-Java, GIAC GSSP-NET Preferred

 

 

Experience

 

  • 5-7+ years of experience in Information Technology that directly aligns with the specific responsibilities for this position
  • Extensive experience in web application security
  • Strong knowledge of application security throughout the SDLC
  • Experience with agile delivery practices
  • Experience integrating security into DevOps practices.
  • Experience conducting source code review preferred
  • Experience using static application security testing tools such as Fortify, Checkmarx, Veracode, etc.
  • Experience dynamic analysis with tools such as AppScan, Webinspect, BurpSuite, and OWASP ZAP, etc.
  • Familiarity with related network infrastructure, such as firewalls, WAFs, and IPS
  • Familiarity with common DMZ architectures
  • Prior financial services experience preferred

 

 

 

#LI-POST

 

 


This position may be subject to Lincoln’s Political Contribution Policy.  An offer of employment may be contingent upon disclosing to Lincoln the details of certain political contributions. Lincoln may decline to extend an offer or terminate employment for this role if it determines political contributions made could have an adverse impact on Lincoln’s current or future business interests, misrepresentations were made, or for failure to fully disclose applicable political contributions and or fundraising activities.
 

 

 


Nearest Major Market: Greensboro

Job Segment: Developer, Java, .NET, Application Developer, Technology