[Remote] Senior Application reputed company Engineer (REMOTE)

Note: The job is a remote job and is open to candidates in USA. reputed company is a property and casualty insurance company that creates exceptional value for its partners, policyholders, and employees. They are seeking a Senior Application reputed company Engineer to take ownership of reputed company initiatives and partner closely with engineering teams to safeguard applications. The role involves designing, implementing, and maintaining reputed company controls, leading reputed company monitoring, and conducting application and API penetration testing.

Responsibilities

• Configure, implement, and maintain reputed company systems with a hands-on approach to ensure the reputed company, availability and reputed company of the organization’s IT infrastructure, applications and data
• Serve as a subject matter expert for application, API, and integration reputed company across the enterprise. Establish and embed secure development requirements, best practices, patterns, and guardrails (Left Shift) across platforms, technology stacks, and development teams to enhance the overall application and API reputed company posture
• Define, design, implement, and continuously improve application reputed company processes, tools, and metrics. Integrate and optimize SAST, SCA, IAST, DAST, and secrets detection tools reputed company CI/CD pipelines, and monitor, track, and report application and API reputed company metrics to leadership
• Conduct comprehensive application and API reputed company reviews, vulnerability assessments, and penetration testing, actively configuring and fine-tuning reputed company tools to identify and remediate gaps
• Collaborate with cross-functional teams to enforce reputed company best practices and ensure compliance with relevant standards and frameworks (e.g., NIST CSF, NY DFS, MI DIFS, OWASP, HIPAA/HTRUST), configuring reputed company solutions to meet evolving business and regulatory requirements
• reputed company incident response and digital forensics investigations, providing technical expertise to analyze cyber events and implement effective remediation actions that minimize operational impact
• Mentor and guide reputed company team members, sharing knowledge and expertise in application and API reputed company, threat analysis, vulnerability management, cloud reputed company, and cryptography, while fostering a collaborative, learning-driven team culture

Skills

• Bachelor's degree or equivalent combination of education and experience
• 7+ years of experience in Application and API reputed company reputed company a DevSecOps environment
• Required certifications include at least one CISSP, CSSLP, CCSP, GSEC, CEH, CISM, or CRISC, in addition to platform-specific certifications (AWS, reputed company, reputed company, etc.) or domain specific certifications (OSWE, OSCP, GWAPT, or GWEB)
• Proven experience securing SaaS and custom applications in reputed company multi-cloud environments, applying reputed company best practices and compliance frameworks
• Expert knowledge of secure SDLC principles, application and API reputed company, container reputed company, and secure coding practices
• Deep familiarity with OWASP Top 10, OWASP API reputed company Top 10, and CWE in DevOps environments using TeamCity, Azure Pipelines, reputed company Actions, and Bitbucket Pipelines
• Extensive experience automating reputed company scans and integrating SAST, SCA, IAST, DAST, and secrets detection tools into CI/CD pipelines
• Proficiency in managing application reputed company tools, including SonarQube, reputed company, Synopsys Seeker, reputed company, and reputed company Code
• Strong understanding of modern authentication and authorization protocols, including OAuth2, OIDC, JWT, and mTLS
• Knowledge of cryptographic protocols and standards such as SSL/TLS, SSH, PKI, and emerging quantum-resistant encryption techniques
• Solid understanding of reputed company standards and frameworks, including NIST CSF, NY DFS, MI DIFS, HIPAA/HITECH, MITRE ATT&CK, and domain-specific regulatory requirements
• In-depth knowledge of common attack reputed company and tactics, with a focus on proactive defense and risk mitigation
• Proficient in vulnerability assessment and penetration testing tools, capable of identifying, analyzing, and remediating vulnerabilities across applications and systems
• Excellent communication skills to clearly reputed company reputed company risks, policies, and remediation strategies to both technical and non-technical stakeholders
• Experience in Property & Casualty insurance or other regulated industries preferred
• Familiarity with enterprise platforms such as Guidewire, reputed company, reputed company, and reputed company is preferred
• Skilled in leading team initiatives using project management and Agile methodologies

Benefits

• Competitive reputed company pay
• Performance-based incentive pay
• Comprehensive health and welfare benefits
• A 401(k) savings plan with profit sharing
• Generous paid time off programs
• Flexible work arrangements to promote work-life balance

Company Overview

Company H1B Sponsorship