MUFG

MUFG

NY, US

Sr. Application Security Engineer

Sr. Application Security Engineer

  • Requisition # 10047975-WD
  • Job Type Full time
  • Location New York, New York
  • Date posted 11/05/2021

Your potential. Your opportunity.

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

The Senior Application Security Engineer reports directly to the Head of Information Security Engineering and Operations. As an expert in your field, you will apply data-driven models to define application security strategies that are customized to the business goals. You proactively engage with stakeholders to develop and continuously revise application security roadmaps. The detailed plans and realistic methods that you develop empowers the business to aggressively pursue initiatives while optimizing risk reduction. You are a champions of the organization’s information security aspirations who works as a servant leader to evolve and embed security considerations throughout the software development lifecycle.

Responsibilities

  • Define application security strategies that are customized to the business goals

  • Develop secure software development lifecycle processes

  • Perform threat modeling on existing and upcoming applications

  • Perform static application security testing (SAST) of the code base on a regular basis

  • Perform dynamic application security testing (DAST) using open source and commercial tools

  • Identify and mitigate vulnerabilities originating from third party components

  • Review security alerts and reports and work closely with the DevOps team to design workflows

  • Provide secure system and software development training and best practices to the software engineering teams

Good to have’s

  • Familiar with Financial Services regulators, regulations and best practices (e.g. OCC, FRB, FFIEC, FINRA, SEC, IIROC, SOX, GLBA, GDPR)

  • Process improvement and procedure are documented and maintained per RCSA process

  • Experience with automation tools (e.g. TeamCity, Jenkins, Bamboo, GitLab, Kubernetes, Ansible, Chef, Puppet, Salt)

  • Experience in using scripting languages and deploying applications (e.g. Python, .Net, Java, Perl) to automate tasks and manipulate data

Other skills

  • Excellent communication skills

  • Ability to explain complex security topics in simple terms

  • Ability to lead and manage multiple security initiatives

  • A good team player who is self-motivated and well organized

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.


About MUFG

MUFG stands for Mitsubishi UFJ Financial Group, the world’s 5th largest financial group. But if you take a closer look, you’ll see that we stand for so much more. We are undertaking a significant transformation initiative that will make us an agile company that is powered by a resilient, flexible technology and data stack. This means investing in talent, technologies, and tools that put our clients’ and colleagues’ changing needs first. Help Build a Bank You'll Be Excited to Call Yours We are looking for resilient technologists who will help us build the future of banking with a new digitally-led, cloud-first, real-time deposit system. This is a rare opportunity to transition to a modern platform as a member of this high-impact team. Backed by the strength and stability of the world's 5th largest financial institution, you'll help build a bank you'll be excited to call yours.