Senior Security Engineer
This position can be located in Bethlehem, PA; Holmdel, NJ; or Stamford, CT. There is also a remote option for 2-3 days a week for the right candidate.
The Guardian Information Security team employs progressive, dynamic, cutting-edge security assurance measures. This position is located onsite at Guardian's Colorado office, and will be working alongside the Guardian Security Assurance and Reed Group Brand cyber security staff to enable and ensure the alignment of the application security program to the security requirements of our customers and perform additional security assurance functions.
You will be responsible for supporting the following key areas:
* Application, API, and Mobile security testing
* Identifying and performing risk-based prioritization of vulnerabilities based on industry standards
* Participating in ethical hacking and penetration testing as part of the Red Team
* Continued support for migrating to a "DevSecOps" model
* Providing technical expertise to, and potentially running, security projects
* Work history includes 3-5 years of performing application security assessments and providing SME level support for remediation of findings
* Working knowledge of OWASP methodologies for testing, assessing risk, and improving application security programs
* Can determine, defend, and demonstrate the exploitability of a vulnerability and determine residual risk after considering mitigating controls
* Strong experience with testing APIs and native and web-based mobile applications for security defects
* Experience developing and continuously improving metrics and communicating the appropriate messaging on the health and progress of the application testing program
* Advanced understanding of common IT security controls and frameworks
* Familiarity with methods and coding to fix application security issues including experience suggesting code changes to fix security defects
* Hands-on experience with enterprise-grade and open-source application security testing tools
* Familiarity or experience with penetration testing methodologies and/or red teaming
* Knowledge of concepts for securing networks and systems
* Understanding of the Agile development framework (SAFe Agile preferred)
* Tried team player who works well with others but can easily transition to working alone when required
* Independent, ambitious, driven and eager to grow and learn
* Expert communicator, able to articulate "technical" issues in developer or business terms; able to convey "technical" security issues to leadership
* Ability to independently solve problems from definition to closure
* Proven ability to multitask in a fast, dynamic environment built on multi-vendor security controls
* BA/BS degree in Information Security or equivalent, with some supporting work experience, or alternatively reputable security certifications and equivalent work experience
* 3 years of experience working within the application security discipline
* 3 years leading security initiatives or efforts for a mid to large enterprise
Every single day, Guardian gives 26 million Americans the security they deserve through our insurance and wealth management products and services. Since our founding in 1860, our long-term view has helped our customers prepare for whatever life brings, whether starting a family, planning for the future or taking care of employees. Today, we're a Fortune 250 mutual company and a leading provider of life, disability and other benefits for individuals, at the workplace and through government-sponsored programs. The Guardian community of ~9000 employees and our network of over 2750 financial representatives is committed to serving with expertise when, where and how our clients need us. Our dedication rests on a strong financial foundation, which at year-end 2017 included $8.0 billion in capital and $1.6 billion in operating income. For more information, please visit guardianlife.com or follow us on Facebook, LinkedIn, Twitter and YouTube.
Guardian is an equal opportunity employer. All applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.