Application Security Solutions Engineer
Description:
OH0713 NW Bancshares HQ
Job Description
The Application Security Solutions Engineer is responsible for supporting the security of the Bank's internally developed, acquired, and third-party applications. This role focuses on application security testing, vulnerability remediation tracking, application penetration testing facilitation, and securing AI-enabled applications. The Application Security Engineer works closely with application development, DevOps, risk management, and information security teams.
Essential Functions
* Perform and support SAST, DAST, and SCA testing
* Review, validate, and track remediation of findings
* Perform penetration testing against applications - Oversee remediation and metric reporting
* Coordinate internal and third-party penetration tests - Review results and participate in remediation plan development
* Mentor developers in the area of secure coding practices
* Embed security controls throughout the SDLC
* Provide secure coding guidance and threat modeling support
* Assist in securing AI-enabled applications
* Review architectures for data and model risks
* Support audits and regulatory requirements
* Maintain application security standards
Additional Essential Functions
* Ensure compliance with Northwest's policies and procedures, and Federal/State regulations
* Navigate Microsoft Office Software, computer applications, and software specific to the department in order to maximize technology tools and gain efficiency
* Work as part of a team
* Work with on-site equipment
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education
High School Diploma
Work Experience
5 - 6 years Application security experience
5 - 6 years Financial services experience
5 - 6 years Penetration testing exposure
Licenses and Certifications
CSSLP, GWAPT, OSCP Upon Hire
Comp TIA Sec+ or CISSP Upon Hire
Northwest is an equal opportunity employer. We are committed to creating an inclusive environment for all employees.