Job Title: Application Security Engineer (Java Coding Experience Must)

Location: Houston, TX (Local Candidates Preferred)

Type : C2H

What you’ll be responsible for:

• Collaborate with development teams to identify and mitigate product and solution architecture security vulnerabilities.
• Engage closely with Jack Henry's enterprise security team and Credit Union (CU) solution development teams to conduct thorough enterprise security assessments, review findings, and implement highly effective remediation strategies.
• Provide guidance and training to development teams on secure coding practices and security best practices.
• Attend software architecture review sessions to assess designs from a security standpoint, ensuring compliance with established security standards, policies, and requirements. Contribute by providing insights, asking pertinent security-related questions, and offering recommendations to enhance the security posture of the proposed solutions.
• Stay current on security threats, trends, and technologies to address emerging risks proactively.
• Effective communicator delivering key messages to team stakeholders and business partners using clear, informative verbal and written communications.
• Experience in application and product security coupled with a strong understanding and knowledge of relevant technology stacks.
• Understanding of software development and system configurations and being able to recommend modifications to those to ensure better security posture.

What you’ll need to have:

• Bachelor’s degree in computer science, Information Security, or equivalent experience
• Proven experience working as an Application Security Engineer.
• Strong understanding of software development processes and methodologies.
• Ability to work collaboratively in a team environment and adapt to a dynamic and evolving security landscape.
• Hands-on experience with security tools and vulnerability report analysis.
• Knowledge of security standards and frameworks like OWASP, NIST, and CIS.
• Excellent communication skills to convey complex security concepts and findings to both technical and non-technical stakeholders.
• Strong analytical skills and proficiency in data analysis tools and technologies.

What would be nice for you to have:

• Coding experience with two or more programming languages
• Familiarity with PCI DSS (Payment Card Industry Data Security Standard) requirements and best practices
• Experience with penetration tests and penetration test report analysis.
• Understanding of three or more security domains (such as platform security, network security, application security, etc.).
• Knowledge of security information and event management (SIEM) systems and security data analytics tools.