Application Security Architect Requisition ID 24-29211 Location US-CA-Agoura Hills Position Type Regular Category Technology salary $110,000 - $170,000 PENNYMAC Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our... more details
Application Security Architect
Requisition ID
24-29211
Location
US-CA-Agoura Hills
Position Type
Regular
Category
Technology
salary
$110,000 - $170,000
PENNYMAC
Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market.
At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey.
A Typical Day
The Application Security Architect will work closely with development teams, product teams and other development stakeholders across the organization to integrate security into the product lifecycle from design through deployment. The Application Security Architect role is responsible for the implementation of measures to ensure the security of Pennymac’s software systems, applications, code, and related components.
The Application Security Architect will:
Provide subject matter expertise on application security domains including secure coding practices, continuous integration and continuous deployment, and threat modeling.
Assist in conducting security assessments and penetration testing on web applications, where applicable.
Work with product teams throughout the entire SDLC to ensure code is secure by design, secure by default, and secure in deployment and communication.
Work alongside cybersecurity systems to monitor and protect serverless and container based computing applications.
Work cross-functionally with DevOps, application development, database, and infrastructure teams to develop and maintain complex systems that involve integration across in-house developed, COTS, and open-source components.
Establish oneself as a trusted security advisor leading the design, definition and implementation of security best practices and standards and ensure product development teams integrate them into their development workflow.
Perform application code analysis reviews using SAST, DAST, and SCA scanning capabilities.
Support the establishment, implementation, and governance of secure development standards and security baseline requirements.
Drive threat modeling, risk assessment, penetration test findings analysis, and security technology assessments.
Maintains an open communication channel with operations, development, and product teams to ensure security is integrated early and is working to solve business needs.
Mentor developers to further understand Application Security, and Information Security may also conduct security training for development teams.
Build relationships with development teams to foster an inclusive culture.
What You’ll Bring
Approximately 4+ years of experience in programming and/or scripting languages.
Ability or aptitude to operate within Gitlab and Azure DevOps source code and CI/CD technology stacks.
Experience dealing with secure network and system design in Amazon Web Services (AWS)
Expert understanding of secure configuration management and security controls.
Experience reviewing SAST, DAST, penetration test, and SCA results and providing remediation recommendations.
Capable of architecting, engineering, and operationalizing application security technologies through plan, development, build, test, release, deploy, operate, and monitor phases of the SDLC.
Experience in developing and/or reviewing secure development standards that incorporate regulatory and industry best practices.
Desired experience with Web Penetration Testing tools, such as Burp, for validation of security requirements.
Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills.
Must have a mindset of continuous improvement of people, processes and technology.
Leadership mentality and the ability to work independently.
Why You Should Join
As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do.
Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported.
Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include:
Comprehensive Medical, Dental, and Vision
Paid Time Off Programs including vacation, holidays, illness, and parental leave
Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)
Retirement benefits, life insurance, 401k match, and tuition reimbursement
Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships
To learn more about our benefits visit: https://pennymacnews.page.link/benefits
Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below:
Lower in range - Building skills and experience in the role
Mid-range - Experience and skills align with proficiency in the role
Higher in range - Experience and skills add value above typical requirements of the role
Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance.
Salary
$110,000 - $170,000
Work Model
REMOTE
Need help finding the right job?
We can recommend jobs specifically for you!Click here to get started.
California applicants, please click here to view our Privacy Policy and click here to view our Privacy Notice.
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.