Product Security Engineer II

Platform Operations Full-Time ALL US, United States Berwyn, Pennsylvania ReqID:5018


Envestnet is seeking a passionate and talented Product Security Engineer II to join our Information Technology team.

Envestnet, Inc. (NYSE: ENV) is transforming the way financial advice and wellness are delivered. Our mission is to empower advisors and financial service providers with innovative technology, solutions, and intelligence to make financial wellness a reality for everyone. 

Since our founding 20 years ago, we are fully vested in helping people live an intelligent financial life. If you love the idea of working in a Fintech company with the environment and excitement of a start-up where you are making everyday impact - then read on. 

Job Summary: 

The Application Security Engineer ensures that the engineering teams they partner with are leveraging the application security tools in their development lifecycle and providing assistance on vulnerability identification and remediation. You will aid in developing solutions to sustain current practices and look for opportunities to provide stronger security in the development lifecycle of internally developed software. You will participate in code reviews, provide solutions for streamlining and automating tools, work with engineering teams to address security in the development lifecycle, and advance security practices in the organization.

Job Responsibilities:

  • Work with various engineering teams to gain a complete understanding of the software development lifecycle used today to assist in enhancing the security of the software development lifecycle.
  • Experience with common web application vulnerabilities, such as the OWASP Top 10, and business logic flaws. Ability to explain vulnerabilities and weaknesses and discuss effective defensive techniques.
  • Assists in the development of application security policies, procedures, and standards.
  • Promote Application Security culture in our organization.
  • Assist with the implementation of Application Security tools, processes, and best practices.
  • Review requirements, participate in design reviews and recommend security requirements.
  • Perform code reviews and provide guidance on remediation, mitigation and enhancements.
  • Provide automation solutions for integration with engineering and application security tools.
  • Work with technical architects to review, recommend and consult on security matters.

Required Qualifications: 

  • Bachelor’s degree in Information Security, Computer Science, or related field.
  • Minimum 3-5 years in a software development environment using Java, .NET, or similar language.
  • Minimum 3-5 years of application security experience
  • Application security skills which includes OWASP top 10, mobile, integrations etc.
  • Ability to perform code reviews.
  • Practical experience setting up, configuring, and onboarding with security tools in the SDLC such as SAST, DAST, secure test plans, etc.
  • Experience with a modern SDLC including CI/CD pipelines, cloud architecture, API economies, and container deployment.
  • Understanding of cloud services like Amazon Web Services and Google Cloud

Preferred Qualifications: 

  • Security+, CEH or other security certifications are a plus. 

About Us:  

Envestnet is a leading independent provider of technology‐enabled investment and practice management solutions to financial advisors who are independent, as well as those who are associated with small or mid‐sized financial advisory firms and larger financial institutions. Envestnet's technology is focused on addressing financial advisors' front, middle, and back‐office needs while leveraging our platform to grow their businesses and expand client relationships. 

We offer a highly competitive compensation and benefits package as well as the excitement, challenges, and rewards of a fast-growing, entrepreneurial company. 

Why Choose Envestnet:

  • Be a member of a leading financial services and products innovation company
  • Competitive Compensation/Total Reward Packages that include:
    • Health Benefits (Health/Dental/Vision)
    • Paid Time Off (PTO) & Volunteer Time Off (VTO)
    • 401K – Company Match
    • Annual Bonus Incentives
    • Equity
    • Parental Stipend
    • Tuition Reimbursement
    • Student Debt Program
    • Charitable match
    • Wellness Program
  • Work on global projects with diverse, energetic, team members who respect each other and celebrate differences
  • The best work locations with unlimited snacks!

The salary range for this position is $63,000 to $140,000.

Envestnet is an Equal Opportunity Employer.