Skip to content

Senior Application Security Engineer

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

What's the role?

Northwestern Mutual is looking for a hardworking technologist who would like to grow their career in application security. In this position, you will be an integral part of the DevSecOps team, focused on integrating security seamlessly into the software development lifecycle across a range of platforms and technologies. We will work together to enable product teams to deliver secure-by-design applications and infrastructure, by providing security expertise throughout the software development lifecycle.

Essential job duties:

  • Provide domain expertise on secure design & coding practices, including education, threat modeling, security architecture reviews, secure pattern development and implementation support to cloud, on-prem and mainframe application teams

  • Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components, and help product teams determine solutions that mitigate these risks while adhering to internal standards, regulatory and compliance requirements

  • Evaluate and operationalize security tools by automating to the extent possible

  • Review security test results from vulnerability scans, penetration testing for true positives and develop secure patterns to remediate or mitigate risk

Bring your best! What this role needs:

  • Bachelor's degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field or equivalent work experience.

  • 3+ years of meaningful work experience in cyber security, development, and/or infrastructure

  • Solid understanding of secure coding principles, application security vulnerabilities, and countermeasures

  • Experience with application programming as part of a software development lifecycle

  • Proficiency in software development or scripting languages (Java, Python, JavaScript, PowerShell, Bash)

  • Experience with applications hosted in Amazon Web Services (AWS) and/or Microsoft Azure with solid understanding of how to secure them

  • Experience with security testing tools, including dynamic, static and composition code analysis, and integrating them into CI/CD pipelines

  • Penetration testing skills, including knowledge of using tools such as Burp or Zap

  • Experience in development of applications through automated deployment and orchestration services, such as GitLab, Jenkins, Ansible or Kubernetes

  • Experience in converting manual processes into automated processes

  • Experience with Agile methodologies

  • Excellent verbal and written communication skills, with an ability to translate requirements into understandable deliverables

  • Ability to independently identify and resolve complex issues through effective problem-solving skills

Certifications:

  • One or more of the following: GIAC, CISSP, CSSLP, OSCP, CCSP

Beyond base salary, we offer the following benefits; pension, 401k, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!

#LI-Post

This job is not covered by the existing Collective Bargaining Agreement.

Required Certifications:

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now! 

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.