Nomura
Interested in applying for the
Senior Application Security Engineer
role at
Nomura , a leader in global banking and financial services.
This position is based in New York, NY, and reports directly to the Application Security Lead.
Role Overview We are looking for a talented and experienced professional to join our team as Senior Application Security Engineer with specific focus on DevSecOps, Dynamic Application Security Testing (DAST, UAT), and related activities. In this role, you will be part of a team leading the design, development, and implementation of robust and scalable application security solutions to protect Nomura’s critical assets. The role is technical and hands‑on and requires a deep understanding of application security practices (SAST, SCA, DAST) and generally the secure software development lifecycle (SDLC). You will play a key role in shaping our information security strategy and ensuring the resilience and effectiveness of application security solutions.
Key Responsibilities
Drive innovation in DevSecOps security automation across a global enterprise environment, implementing cutting‑edge solutions and best practices.
Build out and maintain a robust Dynamic Application Security Testing Practice, including managing and deploying our DAST tool.
Support onboarding and scanning of business applications and related processes.
Validate scans and risk‑assess findings (triage, attribution).
Read out findings to developers and advise on remediation.
Lead strategic partnerships with Application Security development teams to drive adoption of security best practices.
Implement robust security practices throughout the application lifecycle.
Foster collaborative relationships with key stakeholders to ensure alignment with industry security standards, compliance with regulatory requirements, implementation of robust security frameworks, and adherence to governance protocols.
Skills, Experience, Qualifications and Knowledge Required
Master’s or Bachelor’s degree in Computer Science, Information Technology, or related fields.
5+ years of proven information security experience, including expertise in Dynamic Application Security Testing, Static Application Security Testing, Software Component Analysis, OWASP and application security weakness remediation.
Strong background or keen interest in security frameworks such as NIST Cybersecurity Framework, SANS security guidelines, OWASP security practices.
Professional security certifications preferred and a desire to pursue additional certifications.
CISSP and CSSLP certifications listed as preferred.
Outstanding analytical and problem‑solving capabilities with proven project management experience.
Exceptional interpersonal skills with demonstrated ability to communicate effectively across diverse teams and stakeholder groups.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Banking, Capital Markets, and Financial Services
#J-18808-Ljbffr
Senior Application Security Engineer
role at
Nomura , a leader in global banking and financial services.
This position is based in New York, NY, and reports directly to the Application Security Lead.
Role Overview We are looking for a talented and experienced professional to join our team as Senior Application Security Engineer with specific focus on DevSecOps, Dynamic Application Security Testing (DAST, UAT), and related activities. In this role, you will be part of a team leading the design, development, and implementation of robust and scalable application security solutions to protect Nomura’s critical assets. The role is technical and hands‑on and requires a deep understanding of application security practices (SAST, SCA, DAST) and generally the secure software development lifecycle (SDLC). You will play a key role in shaping our information security strategy and ensuring the resilience and effectiveness of application security solutions.
Key Responsibilities
Drive innovation in DevSecOps security automation across a global enterprise environment, implementing cutting‑edge solutions and best practices.
Build out and maintain a robust Dynamic Application Security Testing Practice, including managing and deploying our DAST tool.
Support onboarding and scanning of business applications and related processes.
Validate scans and risk‑assess findings (triage, attribution).
Read out findings to developers and advise on remediation.
Lead strategic partnerships with Application Security development teams to drive adoption of security best practices.
Implement robust security practices throughout the application lifecycle.
Foster collaborative relationships with key stakeholders to ensure alignment with industry security standards, compliance with regulatory requirements, implementation of robust security frameworks, and adherence to governance protocols.
Skills, Experience, Qualifications and Knowledge Required
Master’s or Bachelor’s degree in Computer Science, Information Technology, or related fields.
5+ years of proven information security experience, including expertise in Dynamic Application Security Testing, Static Application Security Testing, Software Component Analysis, OWASP and application security weakness remediation.
Strong background or keen interest in security frameworks such as NIST Cybersecurity Framework, SANS security guidelines, OWASP security practices.
Professional security certifications preferred and a desire to pursue additional certifications.
CISSP and CSSLP certifications listed as preferred.
Outstanding analytical and problem‑solving capabilities with proven project management experience.
Exceptional interpersonal skills with demonstrated ability to communicate effectively across diverse teams and stakeholder groups.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Banking, Capital Markets, and Financial Services
#J-18808-Ljbffr