Application Security Senior Engineer

The salary range for this job posting is $97,153.00 - $155,445.00 annually + bonus + benefits. Pay Type: Salary

The above represents the full salary range for this job requisition. Ultimately, in determining your pay and job title, we'll consider your location, education, experience, and other job-related factors, and will fall within the stated range. Your recruiter can share more information about the specific salary range during the hiring process.

Encova Insurance is seeking a skilled Senior Application Security Engineer to join our dynamic team in either Columbus, Ohio, or Charleston, West Virginia. This role offers the flexibility to work remotely; however, candidates must reside within a two-hour drive of one of our office locations to accommodate occasional on-site meetings and project collaboration.

Are you a Referral?

If you know a current Encova Insurance associate and would like to apply as a referral, please encourage them to submit your referral information before you submit your application. You will receive an email with a direct URL link to the Job Posting of interest. Applying through this URL link will create your referral relationship for our Talent Acquisition Team.

Unique residence requirements are listed in each job posting, please review closely for details.

Encova is only able to employ associates who reside and work within specific U.S. states. Our current policies are based on the laws in states in which we are registered for payroll. Our current footprint includes:

Connecticut, Delaware, Florida, Georgia, Illinois, Indiana, Iowa, Kansas, Kentucky, Maryland, Massachusetts, Michigan, Minnesota, Missouri, Nebraska, New Hampshire, New Jersey, North Carolina, Ohio, Pennsylvania, South Carolina, Tennessee, Texas, Virginia, West Virginia, Wisconsin.

ESSENTIAL FUNCTIONS:

• Partner with Enterprise Architecture to provide secure designs and patterns for development teams.
• Conduct threat modeling, code reviews, and security assessments of applications and services.
• Collaborate with DevOps teams to integrate security into CI/CD pipelines and establish DevOps security standards.
• Design and implement security controls and automation to detect and prevent vulnerabilities.
• Develop and maintain secure coding standards and training for engineering teams.
• Evaluate and implement application security tools (e.g., SAST, DAST, SCA).
• Assess security findings identified by various scanning tools and guide product engineering teams on the identified risks and the mitigation strategies.
• Work proactively to gain full value from security capabilities and features across the Encova enterprise, ultimately positioning information security as an enabler for the organization.

OTHER FUNCTIONS:

• Take part in incident response efforts related to application security issues.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Adhere to Encova IT principles, High Availability, Least Privilege, etc.
• Maintain awareness of current security trends and compliance regulations.
• Share knowledge with other members of the InfoSec team.
• Perform other duties as assigned.
• Maintain documentation for security controls.

KNOWLEDGE. SKILLS AND EXPERIENCE:

• Strong working knowledge of Application Security technologies, processes and services, as well as policy enforcement and regulatory compliance.
• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
• Minimum 5+ years of experience in application security or software engineering with a security focus.
• Strong understanding of web application architecture, APIs, and cloud-native technologies.
• Strong understanding of CI/CD tooling, containers, dependency management tooling (SCA) and scanning tools such as SonarQube and Wiz.
• Proficiency in at least one programming language (e.g., Java, Python, JavaScript).
• Experience with security tools such as Burp Suite, OWASP ZAP, Veracode, or similar.
• Familiarity with OWASP Top 10, CWE/SANS Top 25, and secure development practices.
• Relevant certifications (e.g., OSWE, CSSLP, GWAPT) are a plus.

This position has been evaluated in accordance with the Americans with Disabilities Act.  Encova Insurance makes every effort to reasonably accommodate disabilities to permit performance of the essential functions and candidates who need such accommodation are encouraged to seek it.  This description reflects the nature and level of work performed by associates in this position.  It is not an all-inclusive inventory of duties, responsibilities and qualifications required.  It provides an accurate overview of the work and skills needed to perform this position.  Because job content may change from time to time, Encova Insurance reserves the right to add and/or delete functions from this job as it deems necessary for business reasons.

Ready to join our team?
At Encova Insurance, we firmly believe that our associates drive our company’s success by delivering unrivaled service to our customers. With success in mind, we make an ongoing effort to provide an environment that offers challenging, stimulating and financially rewarding opportunities.

Join us to discover a work experience where your diverse ideas will be met with enthusiasm – where you can learn and grow to your fullest potential.

What you can expect from us
Join our family of industry leaders, and let us reward you with a competitive salary, bonus and benefits package that includes but is not limited to: a 401(k), wellness programs, bonus incentive plans and flexible schedules, with an early close of the office every Friday. Additionally, Encova aspires to be an outstanding corporate citizen in all the markets we serve; we encourage and support associate participation in community initiatives through our foundations.

Encova Insurance is an EOE/E-Verify employer.