Sr. Applications Security Engineer
Location: Pasadena, CA
Job Function: Information Security
Job Code: 1070
# of openings: 1
HotJobs Status: Yes
Green Dot (NYSE: GDOT), which launched in 1999, is a publicly traded bank holding company primarily regulated by the Board of Governors of the Federal Reserve System. The Company provides widely distributed, low cost banking and payment solutions to a broad base of U.S. consumers. Green Dot's products and services include its market leading category of General Purpose Reloadable (GPR) prepaid cards and its industry-leading cash transfer network. Green Dot reloadable prepaid debit cards are designed for long-term, general spending and budgeting purposes and can be used everywhere that MasterCard or Visa debit cards are accepted. Green Dot has a wide product distribution network that includes approximately 60,000 retail stores nationwide, where 95% of Americans shop. Green Dot is headquartered in the greater Los Angeles area. For more details, visit www.greendot.com.
Senior Application Security Engineer
The Senior Application Security Engineer is a key member of the Information Security team at Green Dot Corporation. The Engineer will primarily be responsible for leading the development, implementation and maintenance of the Application Security program across all IT development groups. This is a hand's on position that requires someone who has had a great deal of application development and coding experience together with a very deep understanding of Information Security and Secure Coding principles.
- Developing the Application Security program through a very close collaboration all Green Dot development teams.
- The creation of all the necessary documentation that codifies the Application Security program. This will include the development of secure coding policies, procedures and standards, modification of the SDLC to include the necessary Security Checkpoints, code review methodologies etc.
- The development and leading of training programs that will be used to train developers on secure code development practices.
- Take the lead in ensuring that application security requirements are identified early on and are being baked into all projects.
- Plans, coordinates, and leads teams tasked with the design, integration, development, validation and implementation of specific security policies, systems and services.
- Evaluates new security technology & trends, and then makes recommendations to strengthen our information security environment.
- Identify application security risks and requirements for new projects and system developments.
- Develop security test plans and integrate into the software development lifecycle.
- Perform/oversee security testing and manage remediation of identified vulnerabilities
- Monitor and proactively report on current threats and vulnerabilities to application security.
- Sign-off on application security prior to live implementation
- Work with 3rd party suppliers to promote secure design and security testing.
- Provide technical specialist advice to ensure that security standards are understood and can be complied with.
- Prepare and monitor operational security metrics and trends.
- Leads the assessment and acquisition of application security tools and technologies.
- Participates as a subject matter expert in the Green Dot incident response program.
- Attends design and application architectural reviews and actively leads the discussions from a security standpoint.
- Mentor junior members of the Application Security team.
- Evaluates application development and implementation activities for possible vulnerabilities.
- Identifies gaps in compliance with PCI-DSS, GLBA, and SOX.
- In depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
- In depth understanding of secure web application development, .Net, C#, web services and SOAP
- In depth knowledge of SQL database architectures and database query languages.
- In depth knowledge of regulations and security compliance requirements such as PCI DSS, GLBA, and SOX.
- Good communication in English, both oral and written (presentations, technical reports and proposals);
- Strong analytical, evaluative, and problem-solving abilities;
- Membership and active participation in security organizations, such as OWASP, ISSA, and SANS.
Green Dot Corporation
- 2 years ago - save job
If you've got the green but not the plastic, Green Dot would like to help. The company offers prepaid debit cards through approximately...