Application Security Engineer, Assistant Vice President jobs in United States
cer-icon
Apply on Employer Site
company-logo

MUFG · 10 hours ago

Application Security Engineer, Assistant Vice President

positionJersey City, NJ
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$113K/yr - $146K/yr
date5+ years exp

Mitsubishi UFJ Financial Group (MUFG) is one of the world’s leading financial groups, focused on building long-term relationships and fostering sustainable growth. The Application Security Engineer role involves comprehensive application security testing and vulnerability management, requiring collaboration with development and DevOps teams to enhance the security posture of enterprise applications and ensure compliance with industry standards.

Financial Services

Responsibilities

Conduct DAST scans using Invicti to identify vulnerabilities in applications
Conduct SAST scans using Veracode to identify vulnerabilities in source code
Conduct SCA scans using Veracode to identify vulnerabilities in open source components
Compare SAST and DAST results to ensure comprehensive vulnerability coverage
Analyze scan results, identify root causes, and collaborate with developers to implement effective remediations
Work with CI/CD pipelines to integrate security testing into DevOps workflows
As-needed, conduct manual verification and secondary authenticated scans using Burp Suite to reduce false negatives
Understand and evaluate vulnerabilities in Java, .NET, Python, and other application codebases
Work with development teams to remediate security flaws in source code and follow secure coding practices
Provide guidance on OWASP Top 10 and SANS 25 vulnerabilities, including how they arise, how to exploit them, and how to prevent them
Able to perform scripting and coding in Java and Python as-needed for security engineering
Ensure required DAST, SAST, and SCA release and periodic scanning is occurring and that scans and findings are addressed within SLA
Review and approve false positives and mitigated-by-design requests for DAST, SAST, and SCA
Review and approve SDLC tasks (MME and SbD MUFG processes) for DAST, SAST, and SCA
Maintain compliance with NIST, PCI-DSS, FFIEC, SOX, CIS security frameworks
Store and organize security artifacts in archives, following standardized documentation practices
Work closely with developers, DevOps teams, and application owners to secure software at all stages of SDLC
Automate security scanning processes via scripting and improving reporting capabilities
Stay updated on the latest exploitation techniques, security research, and industry best practices

Qualification

Application SecuritySecure CodingDAST ToolsSAST ToolsVulnerability ManagementCompliance FrameworksCI/CD PipelinesAnalytical MindsetScripting SkillsCloud SecurityCollaborationCommunication

Required

Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
5+ years of experience in Application Security, Secure Development, DAST, and SAST
Hands-on experience with DAST tools such as Invicti (Netsparker), AppScan, Burp Suite, Acunetix
Experience with SAST tools like Veracode and Fortify
Experience with Burp Suite performing manual testing
Strong knowledge of web security vulnerabilities (OWASP Top 10, SANS 25, MITRE ATT&CK)
Software development experience in Java, .NET, Python, or similar languages. Ability to perform scripting for security engineering
Familiarity with secure software development life cycle (SSDLC) and CI/CD pipelines
Strong ability to collaborate with developers and provide security guidance in a constructive manner
Excellent communication skills, including technical reporting and vulnerability documentation
Analytical mindset with a passion for improving software security and reducing risk exposure

Preferred

Relevant security certifications (e.g., OSCP, OSWE, GWAPT, CEH) are highly desirable
Experience with cloud security (AWS, Azure, Oracle Cloud) is a plus
Scripting skills (Python, Bash, PowerShell) to automate security tasks

Benefits

Comprehensive health and wellness benefits
Retirement plans
Educational assistance and training programs
Income replacement for qualified employees with disabilities
Paid maternity and parental bonding leave
Paid vacation
Sick days
Holidays

Company

MUFG

twitter
Glassdoor3.6
company-logo
MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups.
dateFounded in 2001
location
Chiyoda-ku, Tokyo, JP
people-size10001+ employees
web-link
http://www.mufg.jp/english/ourbrand/index.html

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Greidy Puig
Vice President Finance- Business Unit CFO
linkedin
leader-logo
Mark Fernandez
Vice President, Global Markets CFO Office
linkedin

Recent News

mint
Mitsubishi UFJ Financial Group eyes expansive growth in India amidst positive economic outlook: Report | Mint
2024-04-29
Business Wire
MUFG Investor Services Tops $1 Trillion in Assets Under Administration
2024-04-29
Simply Wall St
Mitsubishi UFJ Financial Group's (TSE:8306) 45% CAGR outpaced the company's earnings growth over the same ...
2024-04-29
Company data provided by crunchbase