• Application Cyber Security Engineer

    Location US-OR-Portland
    Posted Date 6 days ago(2/15/2019 6:07 AM)
    # Positions
    1
    Status
    Full-Time
    Req #
    17742
  • Overview

    If you want to make a positive difference and stand out from the crowd, you’ll fit in at The Standard (www.standard.com). Through our retirement plans and insurance products and services, we help people achieve financial well-being and peace of mind. Come join us and share our passion for serving our customers in a positively different way.

     

    When you work at The Standard, you are part of a company that provides customers financial well-being and peace of mind. As a member of our IT team, you work side by side with the business, pursuing strategic opportunities for our company. It’s an exciting time with new products, new distribution channels and new customer needs that are driving big investments in technology. At The Standard, we are large enough for big opportunities and small enough for big impact.

     

    As an Application Security Engineer you will directly support the Information Security function and be responsible for evaluation of security design and assist in the development of new technologies and the interfaces that engineering and solution delivery teams can integrate into their own development projects.

     

    You will remain the single point of contact for security to development and engineering teams you are assigned to. As the single point of contact, you will need to embed yourself in to the development pipelines, guide the teams on the right design and implementation and also review the checks and balances to help obtain the approvals for deployment.

    Responsibilities

    • Research, initiate and drive the evaluation of third party or homegrown tools/technologies/processes to maintain and enhance the security of applications
    • Provide security related consultancy  and proactively drive the security engineering with Solution Delivery and Engineering
    • Work closely with the teams in a collaborative environment to ensure that security awareness and issues are communicated effectively
    • Provide technical and operational security support to IT Operations, Solution Delivery, Legal, and business units
    • Work closely with agile development teams and their delivery deadlines to remediate application vulnerabilities detected through security scanning tools
    • Be an ambassador for the team to assist with the ongoing integration of the Application Security team with other business units within The Standard
    • Actively manage the security activities associated with secure software development, including performing peer code reviews, to address risks and threats. Including but not limited to examples below:
      • Able to write and review code with colleagues, each with different priorities, backgrounds, and abilities
      • Provide guidance on application security event logging
      • Arrive at novel solutions to difficult problems
      • Strong knowledge of secure development practices
      • Ability to interact professionally with senior leadership and can articulate key messages to a range of technical and non-technical audiences
      • Effectively works in a distributed team environment
      • High degree of self-sufficiency, ownership, and pride of deliverables
      • Experience in a highly technical hands on environment preferred
    • Conduct system security testing to verify that controls have been met
    • Coordinates the creation of an executive risk summary, and clearly articulates the residual risk
    • Mentor and train less experienced engineers, developers, and analysts

    Qualifications

    • Requires a bachelor’s degree in Computer Science, Business Information Systems, or a comparative field
    • Eight to ten years of overall related application development experience
    • 3 to 5 years’ experience with cloud services and solutions such as AWS, Azure, and/or private cloud
    • 3 to 5 years’ experience with Secure SDLC
    • 3 to 5 years of security analysis, or related work experience
    • Working knowledge of configuration management (Salt, Puppet, Chef, etc), automation and orchestration solutions
    • Good understanding of and practical hands-on knowledge of networking fundamentals
    • Ability to work with others to solve challenging technical problems
    • Possess strong collaboration and communication skills

     

     

    Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age, disability, or veteran status or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.

     

    For more information regarding your Equal Employment Opportunity applicant rights, click  here.

     

    Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871.  This number is only for the use of individuals with disabilities who need accommodation with the application process.  General inquiries about application status will not be addressed.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed