SMBC Group · 9 hours ago
Application Security Engineer - Associate
Charlotte, NC
Full-time
Hybrid
Entry Level
3+ years expSMBC Group is a top-tier global financial group offering a diverse range of financial services. The Application Security Engineer will focus on ensuring that code developed follows security policies and guidelines, working closely with developers to address vulnerabilities before production release.
AdviceBankingFinancial Services
Responsibilities
Strong ability to work with stakeholders and being able to explain code issues and fixes to development community
You will work very closely with developers on day-to-day basis to ensure all projects follow the SDLC process and all code in the environment is scanned and reported focusing on SAST, SCA and Container Security issues
You will be responsible for managing respective code scanning tools in the stack and day to day operational management of the tools
Interface with development and security architecture teams on topics related to application security for example vulnerability remediation, best practices, threat modeling, etc
Interface with the vulnerability management team to ensure vulnerabilities identified are reported and validated according to SLA’s
Development of KPIs and metrics related to application security risk working closely with the Americas Division Application Security and Testing teams
Publish and present high level management reports on State of AppSec Program within Capital Markets and Nikko entities
Some manual testing activities validate vulnerability or penetration testing findings
Weekend and night work may be needed at times based on project, support, and business needs
Qualification
Required
3+ years of experience as a developer with strong focus on Application Security
Development background with one or more of programming languages, C#, C++, Java, Python, .Net
Ability to read and understand code deficiencies – Required
Ability to write code fixes for stakeholders and create automation scripts to support internal cybersecurity projects
Experience in developing and maturing CI/CD pipeline w.r.t code quality and detecting vulnerabilities
2+ years of experience with Static Application Security Testing (SAST) or Dynamic App Security Testing (DAST)
2+ years of experience with container security issues and container technologies
Through understanding of the components of the Secure Software Development Lifecycle
Strong knowledge of OWASP Top 10 or CWE
Understanding of common software threats and mitigations
Must be process and detail oriented, ability to create detailed process documentation
Experience with Jira/Confluence
Preferred
Bug Bounty and/or penetration testing experience a bonus
Company
SMBC Group
SMBC Group is a top-tier global financial group.
10001+ employees
H1B Sponsorship
SMBC Group has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (160)
2024 (87)
2023 (73)
2022 (44)
2021 (29)
2020 (26)
Funding
Current Stage
Late StageLeadership Team
Hirofumi Otsuka
Senior Managing Executive Officer & CEO of Americas Division
Juan Kreutz
Head of Structured Finance Solutions and Deputy Head of the Americas
Recent News
Company data provided by crunchbase