Application Security Engineer II

Who Are We? Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it. Compensation Overview The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards. Salary Range $111,600.00 - $184,200.00 Target Openings 1 What Is the Opportunity? Travelers is seeking an Application Security Engineer II to join our organization as we grow and transform our Technology landscape. Individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with circle leads in a Value Stream on security and performs Application Security testing for Value Stream. Provides guidance on testing to Application Security Engineer I. Performs application architecture security reviews. Partners with Cybersecurity and Enterprise Security Engineering on testing and remediation of vulnerabilities and implementation of Cybersecurity patterns. What Will You Do? Contribute to the creation of an application penetration testing framework. Conduct thorough penetration testing on web, mobile, and cloud-based applications to identify security vulnerabilities. Develop and execute test plans, scripts, and methodologies for application security assessments. Document and report findings, including detailed descriptions of vulnerabilities, potential impact, and recommended remediation steps. Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals. Work independently to tackle well-scoped and loosely scoped problems. Seek opportunities to expand technical knowledge and capabilities. Provide technical guidance and mentorship to less experienced employees. Perform other duties as assigned. What Will Our Ideal Candidate Have? Bachelor's degree plus four years of application security experience and/or certifications such as OSCP, OSWA, or GWAPT. Proficiency using penetration testing tools such as Burp Suite. Strong knowledge of common application vulnerabilities (e.g., OWASP Top Ten). Experience reviewing reported application vulnerabilities from outside testers and researchers for impact and likelihood to Travelers. Experience with DAST tooling and supporting a scalable and integrated strategy to test applications. Familiarity with threat modeling methodologies. Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace to achieve commitments. Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively. Strong problem solver who ensures solutions are built for the long term. Strong communicator who possesses the ability to articulate information clearly and concisely with the business. Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers. What is a Must Have? Three years of system security experience. What Is in It for You? Health Insurance: Employees and their eligible family members - including spouses, domestic partners, and children - are eligible for coverage from the first day of employment. Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays. Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Employment Practices Travelers is an equal opportunity employer. We believe that we can deliver the very best products and services when our workforce reflects the diverse customers and communities we serve. In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions. #J-18808-Ljbffr

Created: 2025-02-10