Senior Associate - Application Security and Vulnerability Management Specialist
Location Designation: Hybrid - 3 days per quarter
As part of Technology, you'll have the opportunity to contribute to groundbreaking initiatives that shape New York Life's digital landscape. Leverage cutting-edge technologies like Generative AI to increase productivity, streamline processes, and create seamless experiences for clients, agents, and employees. Your expertise fuels innovation, agility, and growth — driving the company's success
Role Overview:
This role involves supporting the tools used within these programs as well as providing technical guidance, conducting, and reviewing application security testing, and integrating security best practices into the software development lifecycle in support of secure coding standards. The specialist will be hands on and oversee vulnerability identification and remediation, perform threat modeling, conduct security design reviews, and provide day-to-day guidance to a team of consultants. Additionally, they will offer technical direction to other security teams, evaluate system performance, perform risk assessments, and manage enhancement projects.
We are searching for a highly motivated Security professional with 5 years of experience to play a pivotal role in safeguarding our organization's data and systems. As the Vulnerability & Application Security Specialist, you will be responsible for supporting a comprehensive program that ensures the security of our on-premises and cloud environments.
What You’ll Do:
Application Security:
- Conduct manual application security testing to identify vulnerabilities and recommend remediation strategies.
- Manage and prioritize vulnerabilities using tools such as Checkmarx and HCL AppScan
- Implement and maintain robust cloud security practices to protect our cloud-based infrastructure.
- Collaborate with development teams to integrate security best practices into the software development lifecycle.
- Conduct regular security assessments and code reviews to ensure applications are secure.
- Provide security training and awareness to development teams.
Vulnerability Management:
- Manage the end-to-end vulnerability management lifecycle, including identification, assessment, remediation, and reporting of security vulnerabilities.
- Oversee the build of new elements of the vulnerability management technology strategy.
- Lead planning activities for vulnerability management security areas, providing insight into future trends and challenges.
- Conduct regular vulnerability scans to identify security weaknesses.
- Ensure compliance with security policies, standards, and regulations.
- Provide oversight and guidance to a team of technical security professionals responsible for managing the engineering of vulnerability and configuration management processes.
Leadership & Collaboration:
- Provide ongoing technical guidance and mentorship to a team of security consultants.
- Collaborate with IT and development teams to foster a culture of security awareness and best practices.
- Offer technical direction to other security teams on vulnerability management and secure coding practices.
What You’ll Bring:
- Proven experience in manual application security testing and vulnerability management.
- Proficiency with security tools such as Qualys, ServiceNow, CheckMarx, and Appscan.
- Strong understanding of cloud security principles and best practices.
- Excellent technical skills with the ability to analyze and solve complex problems.
- Effective communication and collaboration skills.
- Experience with secure coding practices and security frameworks.
- Knowledge of regulatory requirements and industry standards related to security.
- Interpersonal skills including the ability to; collaborate effectively, manage challenging relationships, assist more junior staff developmentally and display excellent written and oral communications.
Personal Qualities:
- Self-Starter: Demonstrates initiative and can work independently with minimal supervision.
- Technical: Possesses a deep understanding of security technologies and methodologies.
- Problem Solver: Capable of identifying and resolving security challenges effectively.
- Adaptable: Able to adjust to new threats and changing security landscapes quickly.
#LI-KV1
Pay Transparency
Salary Range: $95,000-$162,500
Overtime eligible: Exempt
Discretionary bonus eligible: Yes
Sales bonus eligible: No
Actual base salary will be determined based on several factors but not limited to individual’s experience, skills, qualifications, and job location. Additionally, employees are eligible for an annual discretionary bonus. In addition to base salary, employees may also be eligible to participate in an incentive program.
Our Benefits
We provide a full package of benefits for employees – and have unique offerings for a modern workforce, including leave programs, adoption assistance, and student loan repayment programs. Based on feedback from our employees, we continue to refine and add benefits to our offering, so that you can flourish both inside and outside of work. Click here to discover more about our comprehensive benefit options or visit our NYL Benefits Site.
Our Diversity Promise
We believe in a diverse workforce because it is our mission to advocate for the financial security and success of people in every community. This is why diversity, equity, and inclusion (DEI) are guiding principles that are embedded in our brand and our culture. Click here to learn more about how we have been recognized for our leadership.
Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We're proud that due to our mutuality, we operate in the best interests of our policy owners. To learn more about career opportunities at New York Life, please visit the Careers page of www.NewYorkLife.com.
Job Requisition ID: 90797
Job Segment:
Cloud, Embedded, Testing, Outside Sales, Equity, Technology, Sales, Finance