This job is no longer available
There are still lots of open positions. Let's find the one that's right for you.
As the Application Security ('AppSec') Engineer you are an individual contributor in the Capital Group (CG) AppSec team. The CG AppSec team is part of Information Security in CG's Information Technology Group. In the role you will be reviewing the architectures and performing threat models, code reviews, validating cloud configurations, and validating the DAST, SAST, and SCA findings for web applications. You will be doing code reviews (Java, TypeScript/JavaScript, Python, Terraform) and creating POCs for DAST tooling where required or collaborating with the penetration testers, as appropriate. The team members are geographically dispersed with varying experience levels. You will help the teams understand how to fix issues and provide best practices or appropriate compensating controls. In this role, you will be using threat modeling tools, static analysis tools, cloud configuration tools. If you are good at software security, this role is for you.
