Senior Platform Engineer

Company: EDWARD JONES
Location: Jefferson City
Posted on: January 25, 2023

Job Description:

At Edward Jones, we help clients achieve their serious, long-term financial goals by understanding their needs and implementing tailored solutions. To ensure a personal client experience, we have located our 15,000+ branch offices where our more than 7 million clients live and work.

In a typical branch office, a financial advisor meets with clients and receives branch office support, so they can focus on building deep relationships with clients. Headquarters associates in St. Louis, Tempe and Mississauga provide support and expertise to help U.S. and Canada branch teams deliver an ideal client experience. We continue to grow to meet the needs of long-term individual investors.The Software Security team is responsible for ensuring the delivery of secure software to our Financial Advisors and Home office associates. Our key systems include static application security testing, software composition analysis, container security, web access management, etc. We are responsible for supporting and enhancing our existing systems and developing technology solutions that support and elevate the technology division in alignment with firm's vision.
The application security platform engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases. Additionally, the application security platform engineer addresses legacy and emerging security issues and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. As issues are uncovered, the application security platform engineer communicates with the appropriate technical and leadership teams to ensure a focus on risk mitigation - allowing for business continuity, but without negligent risk. Application security platform engineers are constantly assessing applications for weaknesses and finding resolutions before they can be abused.

Responsibility Summary:

• Perform and analyze vulnerability testing.
• Document security findings and directly assist developers with reasonable methods to secure.
• Work in tandem with developers to provide repetitive validation testing prior to production while allowing for a continuous cycle of development followed by application security assessments.
• Directly assist developers hands-on with code details and assist with mitigation routes.
• Regularly monitor the security community for public-facing security issues, as well as to learn new tactics that can be used in testing.
• Attend and participate in application projects and change management committees. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.
• Fully define and follow a security review process to ensure an automated and repeatable process is managed.
• Use security standards and implementation configurations, as well as common security frameworks.
• Prepare for and manage bug bounty programs. Document delivery and implementation advances that meet defined service-level agreements (SLAs) and business metrics.
• Align with architects and development teams for a mission of secure design.
• Train developers and junior application security engineers on weaknesses to avoid.
• Actively participate and lead security team meetings that facilitate secure design.
• Focus on application security that observes compliance -Sarbanes-Oxley Act (SOX), etc. - and other privacy laws.
• Respond to and handle service and escalation tickets within SLA expectations.
• Drive security efficiencies, enabling security team members to work on more advanced tasks.
• Excellent interpersonal and communication (written and verbal) skills.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  • At least 5+ years' experience in cybersecurity, including compliance and risk management security engineering background.
  • Highly technical and analytical experience, with a proven deep background (preferred 5+ years' in addition to cybersecurity) in application programming. Experience in threat modeling applications.
  • Vulnerability and penetration-testing skills.
  • Excellence in communicating business risk from cybersecurity issues.
  • Proficiency in software development (emphasis on Java).
  • Solid understanding of network and web protocols.
  • Experience with security of intra-company and third-party APIs.
  • Experience with dynamic and static scanning tools.
    • 100 Best Workplaces for Millennials in 2022, published Fortune July 2022, Great Places to Work - data as of March 2022. Compensation provided for using, not obtaining, the rating.
      • Edward Jones was recognized as one of the Best Workplaces for Millennials by Great Places to Work - and Fortune - magazine. The privately held firm ranked No. 2 overall, in its fourth appearance on the list.2022 Fortune Best Workplaces for Women, published September 2022, research by Great Places to Work -, data as of August 2021. Compensation provided for using, not obtaining, the rating.
        Edward Jones has been named to the 2022 Best Workplaces for Women list by Great Places to Work - and Fortune - magazine, ranking No. 45.2022 Fortune's 100 Best Companies to Work For, published April 2022, research by Great Place to Work -, data as of August 2021. Compensation provided for using, not obtaining, the rating.

        For the 23rd time, Edward Jones has earned a spot on the Fortune 100 Best Companies to Work For - ranking by Great Places to Work - and Fortune - magazine. Edward Jones ranked No. 35 on the prestigious 2022 list.2022 Best Places to Work For LGBTQ+ Equality, Great Place to Work - in partnership with Human Rights Campaign Foundation, published Equity Magazine January 2022, data as of July 2021. Compensation provided for using, not obtaining, the rating.

        Edward Jones scored 100 percent on the Human Rights Campaign Foundation's 2022 Corporate Equality Index (CEI) the nation's foremost benchmarking survey and report measuring corporate policies and practices related to LGBTQ+ workplace equality. The ranking designated Jones as one of the best places to work for LGBTQ+Equality.Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.At Edward Jones, we value and respect our associates and their contributions, and we recognize individual efforts through a rewards program that promotes a long-term career, financial security and well-being. to learn more about our total compensation approach, which in addition to base salary, typically includes benefits, bonuses and profit sharing. The salary range for this role is based on national data and actual pay is based on skills, experience, education, and other relevant factors for a potential new associate:
        Salary: $106916 - $182047
        Category: Headquarters

Keywords: EDWARD JONES, Jefferson City , Senior Platform Engineer, Other , Jefferson City, Missouri