Senior Application Security Engineer

Job description

About Us:

FlexTrade Systems is a global leader in high performance multi-asset execution management and order management systems for equities, fixed income, foreign exchange, futures, and options. A pioneer in the field, FlexTrade is internationally recognized for introducing FlexTRADER®, the world’s first broker-neutral, execution management trading system, which allows clients to completely control and customize their execution workflows through a comprehensive ability to search/access liquidity while maintaining the confidentiality of their trading strategies..


The Team

The Global Information Security team’s mission is to ensure FlexTrade and client’s security globally and to ensure solutions implemented by FlexTraders are secure and fulfill FlexTrade’s mission – Trade Your Best.


About You

FlexTrade Global Information Security is looking for a Senior Application Security Engineer who loves what they do. Reporting to the Global Information Security Manager, you’ll work with FlexTraders globally. The primary focus will be on ensuring FlexTrade internal applications are secure

Requirements

Responsibilities

  • Understand the end-to-end design of all company products
  • Perform static application security testing (SAST) of the code base
  • Perform dynamic application security testing (DAST) using open source and commercial tools
  • Identify and help developers understand how to mitigate vulnerabilities originating from third party components
  • Review security alerts and reports and work closely with the DevOps team to design workflows

Skills & Experience

  • 5-10 years of experience with application security/penetration testing work.
  • Experience using common application security testing tools and techniques to perform security assessments across web/mobile/API technologies.
  • Experience identifying security issues, assessing risk, and providing remediation guidance.
  • Experience working with Agile development/Scrum teams.
  • Have hands-on experience with various programming languages such as C++, Java and python.
  • Have knowledge of Software development life cycle
  • Have hands-on experience with DevSecOps and securing the CI/CD pipeline.
  • Have knowledge of Application Security Best practices and guidelines such as OWASP Application Security Verification Standard (ASVS) and OAuth2.
  • Experience with automation tools (e.g., Jenkins, Bamboo, GitLab, Kubernetes, Ansible, Chef, Puppet)
  • Understanding of cloud technology (Azure/AWS)

*FlexTrade Systems, Inc. is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law.