Senior Application Security Engineer

Company OverviewHeadquartered in Atlanta, Georgia, GreenSky is a leading U.S. financial technology company Powering Commerce at the Point of Sale® for a growing ecosystem of merchants, consumers, and banks. Our highly scalable, proprietary, and patented technology platform enables merchants to offer frictionless promotional payment options to consumers at the point-of-sale, driving increased sales volume and accelerated cash flow. Banks leverage our technology to provide loans to super-prime and prime consumers nationwide. Since our inception over five million U.S. consumers have financed more than $41 billion in commerce through our paperless, real time "apply and buy" technology.Position: Sr. Application Security EngineerLocation: Atlanta or Remote USPosition OverviewGreenSky is looking for a versatile application security engineer to support the security engineering team and enhance our security capabilities. The ideal candidate will have a strong background in software development, excellent problem-solving skills, and the ability to work collaboratively with cross-functional teams. As a Senior Application Security Engineer, you will be responsible for designing, developing, and maintaining the application security program, tools and capabilities to ensure the security and integrity of our software solutions. This role will also involve conducting threat modeling to identify potential security risks and implementing automation to enhance the efficiency and reliability of our security processes. Additionally, you will be responsible for integrating security best practices into the development lifecycle and staying up to date with the latest security trends and technologies.Responsibilities:Implement and oversee various security technologies, including Web Application Firewalls (WAF), StaticDynamicInteractive Application Security Testing, penetration testing tooling, and other threat detection systems.Collaborate with product managers, designers, and other engineers to deliver high-quality software solutionsLeverage cloud native, open source and commercial tools to mature application security capabilities and drive automationBuild detections and dashboards as needed in the SIEM and assistant in technical investigations when incidents occurParticipate in code reviews and provide productive feedback to team members.Conduct threat modeling to identify potential security risksFocus on driving security efficiencies, enabling security team members to work on more advanced tegrate security best practices into the development lifecycleIdentify gaps in current capabilities and drive efforts to close the gapsMaintain up-to-date level of knowledge related to security threats, vulnerabilities and mitigations set forth to reduce attack surface Required SkillsQualifications:5+ years of experience in application security related fields Experience in detecting, analyzing, and resolving vulnerabilities in web applications, APIs, and mobile applications.Strong knowledge and experience with secure coding practices Up-to-date understanding of application security weaknesses for various technologies including web applications, databases, and multi-tier applicationsFamiliarity with DevSecOps methodologies and the integration of security into CICD pipelines using tools like GitLab and JenkinsExperience with threat modeling, design reviews, risk analysis and control design Ability to analyze event and incident logs and work with SOC and IR teams to assess security events related to malware, vulnerabilities, and exploitsExperience and proficiency in at least one programming language and framework (Java, Python, Ruby)Extensive expertise in network security, as well as authentication and authorization mechanisms GreenSky is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.

Created: 2025-02-14