At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
What's the Role?
We are looking for enthusiastic technologists who want to grow their career in DevSecOps – Application Security. In this position, you will work with multi-functional teams while leveraging a set of diverse technologies and an automation first approach to strive towards improving the efficiency and effectiveness of our DevSecOps program with a focus on Application Security.
In this role, the candidate can expect to:
- Engineer solutions with a focus on automation to reduce manual/repetitive tasks
- Guide and advise application and engineering teams in the area of Application Security
- Operationally support DevSecOps capabilities integrated into our software development lifecycle including SAST, DAST, SCA, RASP, CSPM, and infrastructure vulnerability scanners
- Assist with technical support of DevSecOps capabilities and respond to service and escalation tickets within service-level agreements
- Actively monitor, assess and recommend tactical and pivotal initiatives based on new and emerging threats posing risk to our environments
- Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry standard methodologies
- Assist in remediation efforts after security assessment findings outline weaknesses requiring attention
The ideal candidate is:
- Passionate about security
- A standout colleague and enjoy collaborating with cross-functional teams
- A great communicator (written and verbal) with an ability to articulate complex topics in a clear and concise manner
- Employs a flexible and constructive approach when solving problems
- Continuously looking for opportunities to improve our processes and capabilities
- Proficient with development and scripting languages, Python preferred
- Knowledgeable of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS)
- Experience working with application and engineering teams
- Comfortable peer-reviewing code, educating on AppSec vulnerabilities (OWASP), and providing remediation guidance
- A self-directed individual contributor
Bring your best! What this role needs?
- Bachelor’s degree, Associate's degree or equivalent experience with an emphasis in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, MIS or related field
- 1-3+ years' experience in application security or cybersecurity practitioner
- Knowledgeable about secure architecture, engineering and design principles
- Experience conducting security tests (static and dynamic code analysis, software composition analysis, or penetration tests)
- Knowledge of common application and cloud security tools, such as Burp, Zap, Checkmarx, InsightCloudSec (DivvyCloud), PrismaCloud, InsightAppsec, InsightCloudsec, Jfrog Xray
- Experience with CICD pipelines to automate application and infrastructure code deployments
- Experience with workload orchestration platforms such as Kubernetes
- Relevant certifications from GIAC, ISC(2) and other recognized cybersecurity industry organizations
- Collaborative team first environment
- Tons of room for career growth.
- We offer highly competitive compensation, including annual bonus opportunities
- Medical/Dental/Vision plans, 401(k), pension program
- We provide tuition reimbursement, commuter plans, and paid time off
- We provide extensive Professional Training Opportunities
- We offer an excellent Work/Life Balance
- Hackathons/Dedication to Innovation
Pay Range - Start:
Pay Range - End:
Please note that this is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click here for additional information relating to location-based pay structures.
Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
FIND YOUR FUTURE
We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Flexible work schedules
Employee resource groups