Senior Associate - Application Security and Vulnerability Management Specialist

Remote, NY, US

New York Life Insurance Co

USD 95K+ Full Time Senior Mid

Company preview All jobs at New York Life Insurance Co

Search Fresh Jobs Job profile

Published 3 months ago

Hey, this job isn't fresh anymore! 👉 Find fresh remote jobs here

Location Designation: Hybrid - 3 days per quarter

As part of Technology, you'll have the opportunity to contribute to groundbreaking initiatives that shape New York Life's digital landscape. Leverage cutting-edge technologies like Generative AI to increase productivity, streamline processes, and create seamless experiences for clients, agents, and employees. Your expertise fuels innovation, agility, and growth — driving the company's success

Role Overview:

This role involves supporting the tools used within these programs as well as providing technical guidance, conducting, and reviewing application security testing, and integrating security best practices into the software development lifecycle in support of secure coding standards. The specialist will be hands on and oversee vulnerability identification and remediation, perform threat modeling, conduct security design reviews, and provide day-to-day guidance to a team of consultants. Additionally, they will offer technical direction to other security teams, evaluate system performance, perform risk assessments, and manage enhancement projects.

We are searching for a highly motivated Security professional with 5 years of experience to play a pivotal role in safeguarding our organization's data and systems. As the Vulnerability & Application Security Specialist, you will be responsible for supporting a comprehensive program that ensures the security of our on-premises and cloud environments.

What You’ll Do:

Application Security:

Conduct manual application security testing to identify vulnerabilities and recommend remediation strategies.
Manage and prioritize vulnerabilities using tools such as Checkmarx and HCL AppScan
Implement and maintain robust cloud security practices to protect our cloud-based infrastructure.
Collaborate with development teams to integrate security best practices into the software development lifecycle.
Conduct regular security assessments and code reviews to ensure applications are secure.
Provide security training and awareness to development teams.

Vulnerability Management:

Manage the end-to-end vulnerability management lifecycle, including identification, assessment, remediation, and reporting of security vulnerabilities.
Oversee the build of new elements of the vulnerability management technology strategy.
Lead planning activities for vulnerability management security areas, providing insight into future trends and challenges.
Conduct regular vulnerability scans to identify security weaknesses.
Ensure compliance with security policies, standards, and regulations.
Provide oversight and guidance to a team of technical security professionals responsible for managing the engineering of vulnerability and configuration management processes.

Leadership & Collaboration: