Description

• Designs, engineers, and maintains Data Loss Prevention (DLP) controls across cloud, SaaS, endpoint, and application environments, including policy design, alert tuning, exception handling, and ongoing optimization to reduce data exfiltration risk.
• Responsible for security engineering efforts for AI security tooling and controls, including configuration and enforcement of safeguards for generative AI platforms, AI-enabled SaaS applications, and internally developed AI capabilities to prevent data leakage, misuse, and unauthorized model access.
• Designs and implements new technologies, frameworks, and platform improvements. Serves as subject-matter expert for application security, engaging, collaborating, and advising on application security and application security analytics practices, standards, and methods.
• Collaborates with development and DevOps teams to integrate Azure security services (e.g., Azure Key Vault, Azure Security Center, Azure Active Directory) into CI/CD pipelines.
• Provides guidance on secure use of Azure App Services, Azure Functions, and containerized workloads in AKS (Azure Kubernetes Service).
• Configures resources to detect vulnerabilities to operating systems, applications, databases, and the network infrastructure components. Detects, enumerates, and classifies major vulnerabilities, performs trend analysis and reporting using vulnerability assessment tools and methodologies.
• Provides oversight and assurance for assessment of enterprise applications, including web, cloud, and mobile applications to deliver secure and robust solutions.
• Works with development and infrastructure members to identify and resolve security issues in context of any potential compensating controls (WAF, IPS, IDS, ML, AI, NBA, EUBA, CASB).
• Works with software developers to integrate application security across the entire CI/CD pipeline.
• Formulates and interprets penetration test information results for the enterprise. Manages vulnerability detection, analysis, and exploitation remediation to ensure confidentiality, integrity, and availability of mission critical information assets.
• Provides guidance using specialized knowledge and toolsets to operational teams during enterprise-wide crisis scenarios outside of the routine change management process or production scope.
• Performs other duties and projects assigned.

• Bachelor’s Degree in Computer Information Systems, Computer Science, Business, Engineering, or related field preferred and a minimum of ten (10) + years’ experience working in a similar field.
• Experience working in an information security organization and understanding of Governance, Risk, and Controls processes.
• Experience with vulnerability management, application security concepts, best practices, and architectures for API, Microservices, networking and data.
• Prior experience with application software development life cycle (SDLC) and Security Software development life cycle (SSDLC) required.
• Demonstrated comprehensive knowledge of networking components (routers, switches, load balancers, wireless access points); client/server relationships; relational databases and structured query language; encryption algorithms and ciphers (PKI/SSL); malicious code (works, viruses spyware, etc.); Virtual Private Networking; and multi-tier environments).
• Prior experience with DAST/SAST/WSA/API and OWASP Top 10 security controls.
• Experience in Waterfall, Agile, SCRUM, CI/CD and DevOps – secure DevOps experience a plus.
• Experience with Windows, macOS, Linux, and Unix operating systems.
• Preferred Certifications: CISSP, GIAC, CRISC, GCIH, CEH, GSEC, CCNA.
• Experience in the Mortgage industry preferred.

• Work with other passionate, purposeful, and customer-centric team members.
• Inclusive, diverse, and collaborative culture where people from all backgrounds can thrive.
• Extensive internal growth and professional development opportunities including tuition reimbursement.
• Comprehensive benefits package including Medical/Dental/Vision.
• Wellness program to support both mental and physical health.
• Generous paid time off options to support work-life balance.