Lead Application Security Engineer

Swift Transportation | Manassas, VA
111d | $121,564 - $225,762

About The Position

We’re the world’s leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we’re proud to support the global economy. We’re unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We’re always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

We're looking for a Lead Application Security Engineer to be the security expert for 75+ developers who build the core systems behind Swift's global financial messaging. You'll bring deep technical skills and help shape how we do security across our mature application security program - the infrastructure that connects thousands of financial institutions depends on getting this right.

Your work will vary day-to-day - sometimes you'll be embedded directly with development teams, other times providing security advice when teams need it, and you'll also do centralized security reviews for APIs, identity systems, and authentication frameworks.

Requirements

  • Bachelor’s degree.
  • 8 years of hands-on application security experience with demonstrated expertise in secure coding, vulnerability assessment, and security architecture.
  • Advanced proficiency in Java, JavaScript, C++, and Python (emerging) with strong understanding of secure coding practices and common vulnerability patterns in these languages.
  • Extensive experience with application security testing tools (SAST, DAST, IAST, SCA) and their integration into automated CI/CD pipelines.
  • Proven experience in threat modeling and security design sessions for complex applications and systems.
  • Strong background in conducting advanced code security reviews and vulnerability assessments.
  • Strong background in API security including OAuth, JWT, rate limiting, API gateway security, and RESTful service protection.
  • Understanding of financial services, regulatory compliance requirements and security standards relevant to global financial messaging systems.
  • Experience with security automation, security-as-code practices, and CI/CD security integration.
  • Knowledge of container security and securing microservices architectures in on-premises environments.
  • Proven ability to influence and mentor development teams without direct management authority.
  • Experience working in complex organizational structures and building consensus across multiple stakeholder groups.
  • Strong written and verbal communication skills with ability to explain technical security concepts to both technical and business audiences.
  • Track record of driving adoption of security practices in fast-paced development environments.

Nice To Haves

  • Professional security certifications demonstrating hands-on technical skills (GWEB, OSCP, or similar technical certifications).
  • Experience with emerging programming languages and security frameworks.
  • Background in financial services, fintech, or other highly regulated industries.

Responsibilities

  • Lead comprehensive security architecture reviews for Swift's applications across all business domains.
  • Conduct advanced code security reviews with developers across Java, JavaScript, C++, and emerging programming languages including Python.
  • Lead business security assessments for our most critical applications and figure out what security controls we need based on business requirements.
  • Optimize and evolve DevSecOps tools within CI/CD pipelines to reduce false positives and improve developer adoption.
  • Partner with 75+ developers across API and Identity teams to integrate security seamlessly into agile development workflows.
  • Take complex security requirements and make them practical for development teams.
  • Champion security best practices through technical mentorship, training sessions, and documentation that scales across multiple development squads.
  • Collaborate with architecture teams to establish security patterns and standards for all domains in application security.
  • Drive continuous improvement initiatives to enhance developer security tooling and reduce friction in secure development practices.
  • Build metrics and reports that show how well our security efforts are working and where we're reducing risk.
  • Stay ahead of emerging threats specific to financial services applications and infrastructure.

Benefits

  • Medical, dental, vision and life insurance with no premium costs for employees and their families.
  • Retirement plan plus matching 401k.
  • Competitive base salary and bonus opportunity contingent on personal and company performance.

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc