Mechanics Bank
Mechanics Bank is on the lookout for an enthusiastic Application Security Specialist to join our dynamic team. At Mechanics Bank, we prioritize building connections, nurturing partnerships, and creating long-term relationships while collaborating in person. This role allows for remote work within the US.
In this position, you will play a vital role in safeguarding the bank's network and external applications through proactive measures such as continuous penetration testing, application code review, threat hunting, web application firewall management, and vulnerability scanning. You will need to effectively communicate remediation requirements to technical and business leaders and take a leadership role in DevSecOps discussions and planning.
Your Key Responsibilities:
Define Security Requirements:
Collaborate closely with the application development teams to establish security standards for new applications, ensuring adherence to best practices throughout the development lifecycle.
Continuous Penetration Testing:
Conduct ongoing penetration tests, document findings, and provide detailed reports outlining risks and necessary resolutions, and drive the implementation of improvements based on outcomes.
Lead Security Research:
Stay ahead of threats and share insight with Information Security and IT teams. Direct the implementation of recommended security measures.
Incident Response:
Analyze security events and lead incident response efforts, including triage and remediation, while refining response processes and playbooks.
Vulnerability Management:
Manage and improve the network vulnerability management program, regularly assessing practices to ensure compliance with current security standards.
Risk Assessments:
Assist in conducting risk assessments to validate existing controls and evaluate potential impacts of business process changes.
Support Audits:
Provide technical support during audits and examinations from regulatory agencies, external auditors, and internal auditors.
Your Qualifications:
Preferred:
Bachelor’s Degree in a related field, or equivalent combination of education, certifications, and experience.
Required:
3 - 5 years' experience in application security, penetration testing, or a related role.
Technical Skills:
Proficiency in one or more programming languages (C#, Angular JavaScript, T-SQL) and knowledge of scripting languages (Python, Perl, Bash, PowerShell).
Certifications:
Preferred industry-standard certifications (CompTIA CASP+, GIAC, EC-Council, (ISC)2, OSCP, etc.).
Understanding:
Familiarity with Linux, Windows, and Mac OS environments, along with threats like XSS, SQL injection, and others from the OWASP Top 10.
Soft Skills:
Strong oral and written communication skills, with an ability to convey complex technical concepts to stakeholders at all levels.
Compensation:
The pay range for this position is $130,000 - $170,000 annually. Final compensation will be determined based on experience, education, skills, internal equity, and geographic market data.
Mechanics Bank is an equal opportunity employer. We welcome applicants regardless of race, color, sex, sexual orientation, religion, national origin, age, genetic information, veteran status, disability, or gender identity.