Jobs
>
New York City

    DevSecOps & Secure - SDLC Engineer - New York, United States - Marsh McLennan

    Marsh McLennan
    Marsh McLennan New York, United States

    1 month ago

    Default job background
    Regular
    Description

    Marsh McLennan is seeking candidates for the following position in our New York, Chicago, Atlanta, Phoenix, or Urbandale offices.

    DevSecOps & Secure-SDLC Engineer

    What can you expect?

    • Lead initiatives related to DevSecOps and Secure-SDLC.
    • Define and enhance the company's Secure Software development Lifecycle (Secure-SDLC) which in turn will reflect the company's Application Development Security Policy,
    • Select and standardize application security tools. This includes vendor/tool assessments and full POC,
    • Integrate Secure-SDLC requirements and other security policy/requirements into the DevSecOps processes,
    • Define and enhance application security requirements and standards which must be designed for agile development methods leveraging traditional application architectures as well as cloud architectures and container workloads.

    What is in it for you?

    • Marsh McLennan offers competitive employee benefits and a thriving culture
    • A company with a strong Brand and strong results to match;
    • Employee Resource Groups which provide access to leaders, relevant volunteer and mentoring opportunities, and interactions with counterparts in industry groups and client organizations.
    • Competitive pay (salary and bonus potential), Full benefits package – starting day one (medical, dental, vision, STD/LTD, life insurance, RSP (Retirement Savings Plan or TFSA (tax free savings account).
    • Tuition Reimbursement plan and participation in our Employee Stock Purchase Plan.
    • Entitled to vacation, floating holidays, time off to give back to your community, sick days, and provincial/national holidays (with early dismissal).

    We will count on you to:

    • Advise the application security leadership on best practices and standards around application security tools with main focus to unify vulnerability reporting, create predictable CI/CD pipeline processes, and enable application teams to develop new capabilities securely, and free from security defects, by design
    • Assess security tools currently used within the various business Software Development Life Cycle processes to identify business requirements, and rationalize the tools set
    • Select new application security tools including vendor/tool assessments and conduct full POC to prove that the security solutions/products are fit-for-purpose and fit-for-use
    • Draft documentations for the Secure-SDLC and DevSecOps to illustrate the frameworks and process guidelines to internal customers ensuring the style is palatable and easy to navigate
    • Assess impact of new publications from the security industry (e.g. NIST 800-XXX, ISO 2700X:2022, etc) on the company's AppSec programs
    • Research new trends and advise the application security leaderships on impact of the new trends as they relate to currently used tools, tool chain roadmap, efficiency and effectiveness of current processes, etc.
    • Standardize code weakness analysis processes
    • Promote the priorities set forth by Global Information Security function, and the roadmap set forth by the Global Application Security

    What you need to have:

    • 5 years+ DevSecOps and Secure-SDLC work experience
    • CISSP, CSSLP, cloud security, DevSecOps automation, or similar is required
    • Post-secondary education or equivalent experience as a DevSecOps Engineer
    • Develop/enhance and implement the Secure-SDLC framework
    • Design, implement, and rollout DevSecOps automations and tool chain
    • Implement sensors to collect data on key metrics for statistics and reporting
    • Serve as the subject matter expert in Secure-SDLC and DevSecOps
    • Advise on the processes and standards that are designed to implement a company's Application Development Security Policy
    • Experience in designing Secure-SDLC processes and relevant tooling to support the processes
    • Experience in software/application analysis tools like SAST, DAST, SCA, IAST, RASP, threat modeling, etc.
    • Technical hands-on experience in automating and integrating analysis tools into the DevSecOps pipeline.

    What makes you stand out:

    • Identify application security requirements and brainstorm solutions
    • Assess the tooling and remediation of threats and vulnerabilities within our software/applications, and the hosting environment

    In accordance with applicable legislation, Marsh will provide a reasonable accommodation to employees and prospective employees to the point of undue hardship upon request and as required in respect of the individual's particular restrictions and limitations. If you require a specific accommodation because of a disability or medical need please contact

    Marsh is the world's leading insurance broker and risk adviser. With over 35,000 colleagues operating in more than 130 countries, Marsh serves commercial and individual clients with data driven risk solutions and advisory services. Marsh is a business of Marsh McLennan (NYSE: MMC), the leading global professional services firm in the areas of risk, strategy and people. With annual revenue approaching US $17 billion and 76,000 colleagues worldwide, MMC helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses: Marsh, Guy Carpenter, Mercer, and Oliver Wyman. Follow Marsh on Twitter @MarshGlobal; LinkedIn; Facebook; and YouTube, or subscribe to BRINK.

    Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex/gender, marital or parental status, ethnic origin, nationality, age, background, disability, sexual orientation, gender identity or any other characteristic protected by applicable law.

    The applicable base salary range for this role is $89,200 to $178,400.

    The base pay offered will be determined on factors such as experience, skills, training, location, certifications, education, and any applicable minimum wage requirements. Decisions will be determined on a case-by-case basis. In addition to the base salary, this position may be eligible for performance-based incentives.

    We are excited to offer a competitive total rewards package which includes health and welfare benefits, tuition assistance, 401K savings and other retirement programs as well as employee assistance programs.

  • Marsh McLennan

    DevSecOps & Secure-SDLC Engineer

    1 day ago

    Marsh McLennan New York, United States Regular

    Marsh McLennan is seeking candidates for the following position in our New York, Chicago, Atlanta, Phoenix, or Urbandale offices. · DevSecOps & Secure-SDLC Engineer · What can you expect? · Lead initiatives related to DevSecOps and Secure-SDLC. · Define and enhance the company's ...

  • Deutsche Bank

    DevOps - SDLC and Automation Engineer - Trading Technology - Assistant Vice President

    2 weeks ago

    Deutsche Bank New York, United States

    DevOps - SDLC and Automation Engineer - Trading Technology - Assistant Vice President · Job ID:R Full/Part-Time: Full-time Regular/Temporary: Regular Listed: Location: New York ...

  • McGregor Boyall

    Quant Systems: Systems Engineer

    4 weeks ago

    McGregor Boyall New York, United States

    A leading investment and technology development firm is searching for a quant systems engineer to join their Quant Systems Group, an engineering team responsible for providing high performance trading and research infrastructure. · Your responsibilites will include working on a w ...

  • Datadog

    Security Engineer 2

    2 weeks ago

    Datadog New York, United States

    Security Engineer 2 - Adversary Simulation Operations · New York, New York, USA · We're looking for engineers with a background in offensive security in the areas of Kubernetes and container security, network penetration testing, application security and cloud infrastructure. Ex ...

  • Avispa Technology

    Technical Project Manager

    1 week ago

    Avispa Technology New York, United States From $75.00 to $75.00 per hour

    Job Description Technical Project Manager - Video Engineering PMOUNTJP · A leading digital streaming network is seeking a Technical Project Manager - Video Engineering. The successful candidate will manage multiple Video Engineering scrum team workflows, task tracking, and pr ...

  • PRI Technology

    Snowflake Datawarehouse Engineer

    1 week ago

    PRI Technology New York, United States

    Sr. Data Engineer · Full-time/Permanent role; No third party resumes please. · Hybrid - 3 days/week onsite in NYC. · We are looking for a Sr. Data Engineer who can build a high-performing cloud data platform to meet our analytical and BI reporting needs. This role will work as a ...

  • Themesoft Inc.

    Python Developer

    1 week ago

    Themesoft Inc. New Jersey, United States

    PYTHON DEVELOPER · Need to do hybrid at Jersey City NJ · Responsibilities: · Design and implementation of low-latency, high-availability, and performant applications · Analyze technical requirements and interpret them into code · Writing reusable, testable, and efficient code · W ...

  • STAND 8 Technology Services

    Tech Project Manager/Scrum Master

    4 days ago

    STAND 8 Technology Services New York, United States

    STAND 8 is a global leader providing end-to-end IT Solutions. We solve business problems through PEOPLE, PROCESS, and TECHNOLOGY and are looking for individuals to help us scale software projects designed to change the world · We are seeking a dynamic Scrum Master to join our PMO ...

  • ro-co

    Sr. Director, Product Security

    2 weeks ago

    ro-co New York, United States Full time

    Who are you? You are a proven senior leader and hands-on software engineer. You enjoy the balance of leading with mentoring a team of rockstars and rolling up your sleeves to join in troubleshooting and incident response efforts. You can still write and review code. You are a sec ...

  • AMEX

    Engineers

    1 day ago

    AMEX New York, United States

    American Express Travel Related Services Company, Inc. seeks Engineers to serve as a core member of an engineering team to develop digital and automated solutions for our customers. Develop and design software applications, translating user needs into systems architecture. Assess ...

  • STAND 8 Technology Services

    Tech Project Manager/Scrum Master

    1 day ago

    STAND 8 Technology Services New York, United States

    STAND 8 is a global leader providing end-to-end IT Solutions. We solve business problems through PEOPLE, PROCESS, and TECHNOLOGY and are looking for individuals to help us scale software projects designed to change the world · We are seeking a dynamic Scrum Master to join our PMO ...

  • Oxford Knight

    C++ Quant Developer

    3 weeks ago

    Oxford Knight New York, United States Full time

    Salary: $250k base, TC $350k · Experience: 5-8 years · Job Description: · Fantastic opportunity for a modern C++ engineer to join a core quant group of researchers and developers at one of the world's most prestigious hedge funds. This group provides an intraday and end-of-day ...

  • FIT

    Enterprise Applications

    2 weeks ago

    FIT New York, United States Full time

    Job Description · : · This position will manage system and web development, DBA, and support resources, and have hands-on technical, project leadership and problem resolution responsibilities. It will be responsible for the staff, systems, environments, and vendor relationships ...

  • Rackspace

    Senior Engagement Manager

    5 days ago

    Rackspace New York, United States Full - Time

    Job Summary: The Rackspace Engagement Manager will manage several individual but related projects to the required standard of quality within the specified constraints of time and cost for the customer. The projects are typically medium to large, with medium complexity and have hi ...

  • HireTalent

    AEM Developer

    1 week ago

    HireTalent Newark, United States

    Job Description · As an AEM Developer/SME in Digital CMS, you will partner with product owners, tech leads, designers, engineers and delivery professionals to develop digital consumer experiences using Adobe s AEM product suite. Responsibilities will include, developing and imple ...

  • Scotiabank

    Senior Manager

    1 week ago

    Scotiabank New York, United States

    Requisition ID: 197578 · Salary Range: 169, ,229.00 · Please note that the Salary Range shown is a guideline only. Salary offered may vary based on factors, including, but not limited to, the successful candidate's relevant knowledge, skills, and experience. · Join a purpose dri ...

  • 0000050007 Royal Bank of Canada

    Senior Low Latency Engineer

    6 days ago

    0000050007 Royal Bank of Canada New York, United States Full time

    Job Description · RBC Capital Markets seeks a Senior Low Latency Engineer in New York, NY to design and develop solutions to complex applications problems, system administration issues, or network concerns. Perform systems management and integration functions. Verify stability, ...

  • Matlen Silver

    Python Developer-W2 Only

    1 week ago

    Matlen Silver New York, United States

    W2 Only · Job Title: Python Developer · Job Summary: Our client in the banking industry is looking for a Python Developer to join their Enterprise Capital Management technology team. They are looking for a strong individual performer with ability to work in a fast-paced agile e ...

  • S&P Global

    Lead Application Security Engineer

    4 weeks ago

    S&P Global New York, United States Full time

    About the Role · : Grade Level (for internal use): · 11 Title: Lead Application Security Engineer · Location: Virtual, US & Toronto, Canada · Grade: 11 (for internal purposes only) · The Team · S&P Ratings Security team focuses on protecting our clients and users from all aspe ...

  • S&P Global

    Software Developer

    1 week ago

    S&P Global New York, United States Full time

    About the Role · : Grade Level (for internal use): · 08 S&P Global Market Intelligence · The Team : · You will work with a team of intelligent, ambitious and hard-working software professionals recruited from reputed universities and industries. The team is responsible for ...