Senior Application Security Engineer

Employment Type: Full-time

Why TrueML?

TrueML is a mission-driven financial software company that aims to create better customer experiences for distressed borrowers. Consumers today want personal, digital-first experiences that align with their lifestyles, especially when it comes to managing finances. TrueML’s approach uses machine learning to engage each customer digitally and adjust strategies in real time in response to their interactions.

The TrueML team includes inspired data scientists, financial services industry experts, and customer experience fanatics building technology to serve people in a way that recognizes their unique needs and preferences as human beings and endeavors toward ensuring nobody gets locked out of the financial system.

Your Role

We are seeking a talented and motivated Senior Application Security Engineer with a strong background in AWS and DevOps practices. In this role, you will be responsible for ensuring the security of our applications throughout the development lifecycle. You will work closely with engineering teams to identify and mitigate security vulnerabilities, implement security best practices, and contribute to the organization's overall security strategy. The ideal candidate will have excellent communication skills and the ability to collaborate effectively with cross-functional teams.

Key Responsibilities

• Security Integration: Work with development and DevOps teams to integrate security into the software development lifecycle (SDLC).
• Vulnerability Management: Identify, assess, and mitigate security vulnerabilities in applications, infrastructure, and cloud environments.
• AWS Security: Implement and maintain security controls in AWS, including IAM policies, security groups, VPC configurations, and monitoring.
• DevOps Security: Collaborate with DevOps teams to incorporate security best practices in CI/CD pipelines, including automated testing, secure code reviews, and infrastructure as code (IaC) security.
• Threat Modeling: Conduct threat modeling and risk assessments to identify potential security threats and develop mitigation strategies.
• Incident Response: Assist in developing and executing incident response plans, including identifying and responding to security incidents.
• Compliance & Best Practices: Ensure that all systems and applications comply with relevant security standards, regulations, and best practices (e.g., OWASP, NIST, ISO 27001).
• Security Training: Provide security training and guidance to engineering teams to promote secure coding and infrastructure management practices.
• Continuous Improvement: Continuously monitor, evaluate, and improve security practices, tools, and processes.

Qualifications

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
• Experience: 8+ years of experience in application security or a related role.
• AWS Experience: Strong experience with AWS security services and best practices.
• DevOps Experience: Experience with DevOps tools and practices, including CI/CD pipelines, containerization, and IaC.
• Technical Skills: Proficiency in at least... (Note: The original text was cut off here)

Benefits & Perks

• Everything you need to work remotely
• Unlimited PTO
• Medical/dental/vision insurance
• 401k through Charles Schwab
• Flexible Spending Account, Limited FSA, and Health Savings Account - with an eligible health care package.
• Company-paid short-term and long-term disability plus basic life insurance.
• Family-friendly maternity and paternity leave
• Employee assistance program (EAP) via Claremont. Get free short-term counseling for mental health, free + discounted legal consultations, free financial consultations, access to work/life consultants, and more!
• PerkSpot discount program. PerkSpot offers exclusive discounts to 900+ merchants nationwide, and has exclusive discounts up to 60% on hotels worldwide.
• Paid time off to do volunteer work in your community.
• Access to the Wellness Coach app for you and 5 family members