- Lead initiatives related to DevSecOps and Secure-SDLC.
- Define and enhance the company's Secure Software development Lifecycle (Secure-SDLC) which in turn will reflect the company's Application Development Security Policy,
- Select and standardize application security tools. This includes vendor/tool assessments and full POC,
- Integrate Secure-SDLC requirements and other security policy/requirements into the DevSecOps processes,
- Define and enhance application security requirements and standards which must be designed for agile development methods leveraging traditional application architectures as well as cloud architectures and container workloads.
- Performance – Based Career Growth - Global career opportunities
- Culture – Work in a culture with strong values
- Benefits – competitive salaries and comprehensive benefits and programs including health and welfare, tuition assistance, 401K, employee assistance program, domestic partnership benefits, career mobility, employee network groups, volunteer opportunities, and other programs
- Continuous learning opportunities
- Advise the application security leadership on best practices and standards around application security tools with main focus to unify vulnerability reporting, create predictable CI/CD pipeline processes, and enable application teams to develop new capabilities securely, and free from security defects, by design
- Assess security tools currently used within the various business Software Development Life Cycle processes to identify business requirements, and rationalize the tools set
- Select new application security tools including vendor/tool assessments and conduct full POC to prove that the security solutions/products are fit-for-purpose and fit-for-use
- Draft documentations for the Secure-SDLC and DevSecOps to illustrate the frameworks and process guidelines to internal customers ensuring the style is palatable and easy to navigate
- Assess impact of new publications from the security industry (e.g. NIST 800-XXX, ISO 2700X:2022, etc) on the company's AppSec programs
- Research new trends and advise the application security leaderships on impact of the new trends as they relate to currently used tools, tool chain roadmap, efficiency and effectiveness of current processes, etc.
- Standardize code weakness analysis processes
- Promote the priorities set forth by Global Information Security function, and the roadmap set forth by the Global Application Security
- 5 years+ DevSecOps and Secure-SDLC work experience
- CISSP, CSSLP, cloud security, DevSecOps automation, or similar is required
- Post-secondary education or equivalent experience as a DevSecOps Engineer
- Develop/enhance and implement the Secure-SDLC framework
- Design, implement, and rollout DevSecOps automations and tool chain
- Implement sensors to collect data on key metrics for statistics and reporting
- Serve as the subject matter expert in Secure-SDLC and DevSecOps
- Advise on the processes and standards that are designed to implement a company's Application Development Security Policy
- Experience in designing Secure-SDLC processes and relevant tooling to support the processes
- Experience in software/application analysis tools like SAST, DAST, SCA, IAST, RASP, threat modeling, etc.
- Technical hands-on experience in automating and integrating analysis tools into the DevSecOps pipeline.
- Identify application security requirements and brainstorm solutions
- Assess the tooling and remediation of threats and vulnerabilities within our software/applications, and the hosting environment
-
DevSecOps & Secure - SDLC Engineer
3 weeks ago
Marsh McLennan New York, United States RegularMarsh McLennan is seeking candidates for the following position in our New York, Chicago, Atlanta, Phoenix, or Urbandale offices. · DevSecOps & Secure-SDLC Engineer · What can you expect? · Lead initiatives related to DevSecOps and Secure-SDLC. · Define and enhance the company's ...
-
IT security/security engineer
3 weeks ago
Aurora Ventures College City, United StatesAs a major regional employer, the Diocese of Essen employs professionals and leaders from over 30 different professions. · The Diocese of Essen is the sponsor of numerous educational institutions such as schools of various types, adult and family education facilities, kindergarte ...
-
Security Engineer
3 weeks ago
Datadog New York, United StatesWe are looking for a Security Engineer for the Software Integrity and Trust team to build systems that protect Datadog against various forms of supply-chain attacks. · You'll join at an ideal time to make a big impact: supply-chain attacks continue to be one of the fastest growin ...
-
Security Engineer
6 days ago
Galaxy USA New York, United StatesWho We Are: · At Galaxy we are building products and services to help the world invest in economic progress. We believe crypto and blockchain innovations will permeate and improve all aspects of our global economy. Our vision is a society where value and ownership flow as freely ...
-
Security Engineer
4 weeks ago
DBI Staffing New York, United States***MUST BE COMMUTABLE TO THE NYC OFFICE BUT WON'T BE REQUIRED TO COME IN*** · As a Security Engineer you will play a crucial role in developing and maintaining the firm's cybersecurity infrastructure. This role includes hands-on design and administration of the Microsoft 365 Secu ...
-
Security Engineer
2 weeks ago
Paragon Alpha - Hedge Fund Talent Business New York, United StatesOur client are a Tier 1 Hedge Fund, who take a quant approach to investing, and look after $63 billion in assets. After consistent and strong returns across their portfolios, they are hiring technical talent for both the London and NY office. · This hedge fund places security at ...
-
Security Engineer
2 weeks ago
Celonis GmbH New York, United StatesWe're Celonis, the global leader in Process Mining technology and one of the world's fastest-growing SaaS firms. We believe there is a massive opportunity to unlock productivity by placing data and intelligence at the core of business processes - and for that, we need you to join ...
-
Security Engineer
6 days ago
Green Key Resources New York, United StatesDepartment: Infrastructure Services · StaffTitle: Security Engineer · Reportsto: Director of IT · FLSAStatus: Exempt · WorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only (No excep ...
-
Security Engineer
4 weeks ago
PRI Technology New York, United StatesThis is an onsite role in New York, NY · MUST HAVES: · "The ideal candidate for this requirement would have experience in assessing, implementing solutions, designing, and executing security controls. An additional advantage, as mentioned in the requisition, is expertise in clou ...
-
Security Engineer
2 weeks ago
Foursquare New York, United StatesAbout Foursquare · Foursquare is the leading independent location technology and data cloud platform, dedicated to building meaningful bridges between digital spaces and physical places. Our proprietary technology unlocks the most accurate, trustworthy location data in the worl ...
-
Security Engineer
6 days ago
MedReview Inc. New York, United StatesWorkingConditions: Full-time (M-F), Office Business Settings. This is an On-Premises position. Monday through Thursday (9-5) and remote on Fridays only . · PositionSummary –The Security Engineer is responsible for securing – maintaining and monitoring MedReview's enterprise infra ...
-
Security Engineer
6 days ago
Green Key Resources New York, United StatesVulnerability detection through scanning platforms (Rapid7) · Implementation and planning with business and engineering team of found vulnerabilities · Remediation of vulnerabilities through multiple vectors (WSUS, GPO) · Antivirus policy creation, reporting, and remediation on ...
-
IT Security Engineer
3 weeks ago
NYC Health Hospitals New York, United StatesMetroPlusHealth provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Exchan ...
-
Security Engineer
2 weeks ago
Locke and McCloud New York, United StatesSecurity Engineer (SOC) - Hybrid Role · Are you a seasoned Security Engineer with a passion for protecting critical assets and ensuring operational resilience? We are thrilled to announce an exciting opportunity for a Security Engineer (SOC) to join a leading organization in Okla ...
-
IT Security Engineer
1 week ago
MetroPlus Health Plan New York, United StatesIT Security Engineer · Do you have the right skills and experience for this role Read on to find out, and make your application. · Job Ref: 99336 · Category: Information Technology · Department: MHP INFORMATION SECURITY · Location: 50 Water Street, 7th Floor, · New York, · ...
-
Security Engineer
1 week ago
Bilt Rewards New York, United StatesSecurity Engineer · Reporting to: Chief Information Security Officer · Location: New York, NY · What is Bilt? · Bilt Rewards is the first program for consumers to earn rewards on rent and daily neighborhood spend while creating a path towards home ownership. · With an allianc ...
-
Security Engineer
2 weeks ago
Nationstaff New York, United StatesAbout This Role · We are seeking a highly capable Security Engineer / Senior Security Engineer, who will be responsible for various technical and cryptographic security aspects. This role requires a certain range of experience and an in-depth understanding of security engineerin ...
-
Security Engineer
1 week ago
TSR Consulting New York, United StatesAbout TSR: · Make your application after reading the following skill and qualification requirements for this position. · TSR is a relationship-based, customer-focused IT and technical services staffing company. · For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR ...
-
IT Security Engineer
1 week ago
NYC Health Hospitals New York, United StatesMetroPlus Health provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Excha ...
-
Security Engineer
3 weeks ago
Meta Defunct New York, United StatesSummary: · Meta Security is looking for a Security Engineer with experience in threat modeling, TTP identification, and detection engineering. You'll work alongside Software Engineers and Offensive Security Engineers to identify critical assets, assess the top risks, and evaluate ...
DevSecOps & Secure-SDLC Engineer - New York, United States - Marsh McLennan
Description
Marsh McLennan is seeking candidates for the following position in our New York, Chicago, Atlanta, Phoenix, or Urbandale offices.
DevSecOps & Secure-SDLC Engineer
What can you expect?
What is in it for you?
We will count on you to:
What you need to have:
What makes you stand out:
In accordance with applicable legislation, Marsh will provide a reasonable accommodation to employees and prospective employees to the point of undue hardship upon request and as required in respect of the individual's particular restrictions and limitations. If you require a specific accommodation because of a disability or medical need please contact
Marsh is the world's leading insurance broker and risk adviser. With over 35,000 colleagues operating in more than 130 countries, Marsh serves commercial and individual clients with data driven risk solutions and advisory services. Marsh is a business of Marsh McLennan (NYSE: MMC), the leading global professional services firm in the areas of risk, strategy and people. With annual revenue approaching US $17 billion and 76,000 colleagues worldwide, MMC helps clients navigate an increasingly dynamic and complex environment through four market-leading businesses: Marsh, Guy Carpenter, Mercer, and Oliver Wyman. Follow Marsh on Twitter @MarshGlobal; LinkedIn; Facebook; and YouTube, or subscribe to BRINK.
Marsh McLennan is committed to embracing a diverse, inclusive and flexible work environment. We aim to attract and retain the best people regardless of their sex/gender, marital or parental status, ethnic origin, nationality, age, background, disability, sexual orientation, gender identity or any other characteristic protected by applicable law.
The applicable base salary range for this role is $89,200 to $178,400.
The base pay offered will be determined on factors such as experience, skills, training, location, certifications, education, and any applicable minimum wage requirements. Decisions will be determined on a case-by-case basis. In addition to the base salary, this position may be eligible for performance-based incentives.
We are excited to offer a competitive total rewards package which includes health and welfare benefits, tuition assistance, 401K savings and other retirement programs as well as employee assistance programs.
DevSecOps & Secure-SDLC Engineer professionals in New York City
-
Daniel Melendez
CISSP
-
Aditya Adya
Full Stack Developer
-
Mohd Zoha Khan
Program Manager with DevSecOps & Cloud experience
-
Oliver white
Content writer
-
Edgard Otero-Chaparro
Software QA Engineer | Manual Web & Mobile Testing
-
Kevin Romero
{Security, Software, Cloud} Engineer