Application Security Engineer, Dynamic Analysis

Our Team:

At BNY Mellon, Cyber Security is a top priority for both technology and the business.

Our Information Security Division is on constant alert using their creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. In this fast-paced environment, we collaborate to respond to current risks while identifying and anticipating future threats.

Our cyber capabilities encompass the full spectrum of services from Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing & Red Teaming, Cyber Analytics & Fraud, and Insider threat) to Cyber Architecture and Engineering (Network, Platform, Cloud, and Applications Security).

We provide a robust set of cyber services that provide full scope protection and response capabilities across the BNY Mellon enterprise.

We drive an understanding of cybersecurity risk and the steps that must be taken to create and maintain a secure environment that drives innovation

The Role:

The Application Security Engineer, Dynamic Analysis will support the development teams, including reviewing and explaining application security tools and processes, providing vulnerability explanations and remediation guidance, and performing basic configuration of scans. You will need to e ngage with product owners, project managers and developers to conduct security reviews, identify risks and conform to organizational remediation/mitigation timelines.

Key Responsibilities:

• Experience with AppSec tooling to perform Dynamic Analysis (DAST).
• Provide vulnerability remediation and mitigation guidance that maintains a balance between security and business objectives.
• Must have a mindset of continuous improvement of people, processes, and technology.
• Mentor junior team members and act as a subject matter expert for application security issues.
• Experience with AppScan, Burpe Suite and Jira a must.
• Able to work both independently as well with development teams and multi-task effectively.
• Excellent written and oral communication skills, as well as social skills including the ability to articulate to both technical and non-technical audiences.
• Experience with modern programming languages such as Java, JavaScript, C#, Swift, Kotlin, and/or Python.
• Experience with modern programming languages such as Java, JavaScript, C#, Swift, Kotlin, and/or Python.

Qualifications:

• Bachelor's Degree in Software Engineering, Computer Science, Cybersecurity, or related field is preferred.
• 5+ years of relevant experience in Application Security or secure development.
• Relevant professional certifications preferred (e.g., CISSP, CSSLP, Security+, CASE, etc.)

BNY Mellon assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $65,250 and $131,250 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNYM total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs.

This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.