Senior Information Security Engineer – Applications

About The Position

Requirements

• Ability to problem-solve
• Excellent interpersonal, verbal and written communication skills, including the ability to communicate effectively in a virtual environment (e.g., via phone, web/videoconference)
• Ability to concentrate on tasks, make decisions and work calmly and effectively in a high-pressure, deadline-orientated environment
• Demonstrated ability to use good judgment in taking initiative while asking for direction or clarification and consulting others, as appropriate
• Willingness to be flexible with time and adjust to a changing work environment
• Ability to build and maintain positive relationships, both internally and externally, while maintaining a client service orientation
• Ability to use sound judgment and discretion in dealing with highly confidential information
• Ability to take direction and accept supervision
• Demonstrated ability to work independently, organize and accurately prioritize work, be detail-oriented, understand when urgency is required and use good judgment in varied situations
• Ability to work effectively with co-workers in a team oriented collaborative environment
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent combination of education and relevant experience.
• Minimum of eight (8) years of relevant experience in development, quality assurance, or information security technical roles.
• Proven expertise in secure software development, including integration of security practices within the Software Development Life Cycle (SDLC).
• Deep and broad knowledge of the SDLC, with experience delivering applications and services in Azure and hybrid environments.
• Strong understanding of OWASP Top 10 vulnerabilities and secure coding principles.
• Hands-on experience in multiple programming languages and conducting thorough code reviews.
• Experience performing application-level penetration testing and vulnerability assessments.
• Detailed technical knowledge of application, operating system, and network security.
• Strong experience with network security, networking technologies, and system, security, and network monitoring tools.
• Thorough understanding of current security principles, techniques, and protocols.
• Ability to effectively communicate information security issues, risks, and recommendations to both technical and non-technical peers and stakeholders.

Nice To Haves

• Relevant professional certifications (e.g., CISSP, CEH, or equivalent) and/or additional education or specialized training in secure software development are highly preferred.

Responsibilities

• Leads comprehensive vulnerability and configuration assessments to ensure Azure and on-premises applications and services are secure and aligned with industry best practices.
• Performs advanced risk and threat assessments for applications, identifying potential attack paths, misconfigurations, and development flaws.
• Executes in-depth application-layer security assessments, including secure code reviews, static and dynamic testing, and vulnerability analysis.
• Drives red teaming exercises, secrets management, and proactive identification of application security risks to strengthen defenses.
• Provides consistent and proactive updates to the Director, delivering risk-based insights, potential impacts, and recommendations for timely mitigation.
• Continuously evaluates downstream impacts of application changes and proactively advises leadership on implications, dependencies, and risk reduction strategies.
• Collaborates with internal teams and external service providers to implement and enforce security best practices, ensuring robust application protection.
• Serves as a key contributor to security event response as a member of the Security Incident Response Team, providing expert guidance on remediation and mitigation.
• Maintains detailed documentation of assessments, findings, and remediation efforts to support metrics, reporting, and continuous improvement of application security programs.
• Special projects and other duties as assigned

Benefits

• Flexible working environment for work-life success
• Opportunity to participate in firm-sponsored volunteer events
• Wellness programming with personalized content and activities
• Professional environment and the opportunity to work with experts at the top of their fields
• Variety of health plan options, as well as dental, vision and 401(k) plans
• Generous paid time off