Application Security Solutions Engineer

Application Security Solutions Engineer

The Application Security Solutions Engineer is responsible for supporting the security of the Bank's internally developed, acquired, and third-party applications. This role focuses on application security testing, vulnerability remediation tracking, application penetration testing facilitation, and securing AI-enabled applications. The Application Security Engineer works closely with application development, DevOps, risk management, and information security teams.

Essential Functions

Perform and support SAST, DAST, and SCA testing

Review, validate, and track remediation of findings

Perform penetration testing against applications - Oversee remediation and metric reporting

Coordinate internal and third-party penetration tests - Review results and participate in remediation plan development

Mentor developers in the area of secure coding practices

Embed security controls throughout the SDLC

Provide secure coding guidance and threat modeling support

Assist in securing AI-enabled applications

Review architectures for data and model risks

Support audits and regulatory requirements

Maintain application security standards

Additional Essential Functions

Ensure compliance with Northwest's policies and procedures, and Federal/State regulations

Navigate Microsoft Office Software, computer applications, and software specific to the department in order to maximize technology tools and gain efficiency

Work as part of a team

Work with on-site equipment

Qualifications

Education: High School Diploma

Work Experience: 5 - 6 years Application security experience

5 - 6 years Financial services experience

5 - 6 years Penetration testing exposure

Licenses and Certifications: CSSLP, GWAPT, OSCP upon hire

Comp TIA Sec+ or CISSP upon hire

Northwest is an equal opportunity employer. We are committed to creating an inclusive environment for all employees.