Enable America Jobs

The Cyber Tech Security Engineer will support the deployment of current and future Application Security tools and manage the documentation of the programs coming out of the Cyber teams for the understanding of our clients and team members.

Responsibilities

• As a member of the Application Security Engineering team drive programs to evaluate, select, deploy, and integrate security tooling (SAST, DAST, API Monitoring, etc) in CI/CD pipelines and empower development and deployment teams to incorporate security tooling and processes in all aspects of development and deployment operations.

• Assist in building, hardening, maintaining a comprehensive security orchestration platform within continuous integration & deployment pipelines.

• Work with and develop relationships with platform & cloud engineering and software deployment teams to ensure security processes & tooling in development and deployment pipelines.

• Maintain a strong client focus by understanding the client’s business needs while developing productive working relationships with client personnel to accomplish audit objectives.

• Work with appropriate stakeholders to ensure efficient response to issues detected by security tooling.

• Assist development teams with rapid understanding, impact assessment and remediation of detected security issues.

• Work in tandem with teams including Application Security Architecture, Security Architecture, Development, Deployment, Cloud Security, Cloud & Platform Engineering, SOC & Cyber Defense Operations, Vulnerability Management, and other IT Operations Teams to identify and implement the most optimal solutions for the company and its customers.

• Identify and automate repetitive and/or manually time-consuming tasks.

• Assist Application Security Architecture team providing evaluation, guidance, and onboarding support to development and operations teams regarding new applications.

• Have a basic understanding of DevOps principals and methodologies.

Additional Responsibilities

• Attend and host meetings and provide support in the form of targeted agendas, meeting notes, communications, and follow-up delivery.

• Maintain relevant and current professional knowledge via in-house training, online resources, attendance at professional events, and personal investment in continued education and certification.

• Monitor industry trends for changes, risks, releases, and advancements in DevOps & DevSecOps, cloud computing and technologies, and development frameworks.

• Develop and maintain working relationships with development and deployment teams, their leadership, and various other stakeholders, including pertinent vendors.

• Analyze and review existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.

• Participate in special projects and perform other duties as assigned.

• Complete relevant training through platforms such as A Cloud Guru and RangeForce to develop new skills and technical expertise including proactively organizing, summarizing, and sharing knowledge with others.

Qualifications

• 2 - 5 year(s) of relevant consulting or industry experience.

• 2+ years of pertinent professional experience in DevOps/DevSecOps, with exposure to a variety of technologies and domains.

• Understanding of cloud computing and cloud security concepts, and some fluency with cloud management tools/commands.

• Knowledge of Cyber Security programs and dependencies on Development and Operations teams.

• Knowledge of Application Security Engineering programs and their implementation of CICD pipeline process.

• Experience in providing support related to various Audit and Risk requirements.

• Experience writing standard operating procedures, system requirements, and other technical documents.

• Working knowledge of software-defined lifecycles, product packaging, and deployments

• Experience with cloud automation tools such as GitLab, Jenkins, Puppet, Chef, Harness, Terraform, CloudFormation, Ansible, SALT, etc.

• Knowledge of containerized technologies like Kubernetes, Docker, etc.

• Some experience scripting with Bash, Python, PowerShell, NodeJs, JavaScript, etc.

• Some experience coding in more programming languages such as C++, Java, C#, etc.

• Familiarity with Cloud Architecture & Security design.

• Knowledge of WAF, IDS/IPS, SIEM, SOAR, EDR, UEBA, Application Whitelisting, Vulnerability Management.

• Experience with API development, tooling, and security.

• Experience conducting Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), assessing results, and remediating findings.

• Working knowledge of OWASP Top 10 & SANS Top 25

• Proven experience effectively prioritizing workload to meet deadlines and work objectives.

• Excel at taking initiative and lead projects independently from inception to completion, at times with limited guidance.

• Strong critical thinking and problem-solving skills, with the ability to collaborate effectively with other teams and stakeholders to drive solutions.

• Excellent communication skills, both written and verbal, to effectively interact within the team as well as with other teams and stakeholders.

• Ability to effectively present complex technical topics to non-technical audiences.

• Ability to collaborate with cross functional teams to achieve a shared project goal.

Who we Are

OneMain Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we’ve looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.

Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we’re committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There’s never been a better time to shine with OneMain.

Because team members at their best means OneMain at our best, we provide opportunities and benefits that make their health and careers a priority. That’s why we’ve packed our comprehensive benefits package for full- and some part-timers with:

• Health and wellbeing options for team members and their dependents

• Up to 4% matching 401(k)

• Employee Stock Purchase Plan (10% share discount)

• Tuition reimbursement

• Continuing education

• Bonus eligible

• Paid time off (15 days’ vacation per year, plus 2 personal days, prorated based on start date)

• Paid holidays (7 days per year, based on start date)

• Paid volunteer time (3 days per year, prorated based on start date)

• And more

#LI-DWB

OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) and Affirmative Action (AA) employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identify, national origin, age, marital status, protected veteran status, or disability status.