Who We Are
Through our service brands Hyundai Motor Finance, Genesis Finance, and Kia Finance, Hyundai Capital America offers a wide range of financial products tailored to meet the needs of Hyundai, Genesis, and Kia customers and dealerships. We provide vehicle financing, leasing, subscription, and insurance solutions to over 2 million consumers and businesses. Embodying our commitment to grow, innovate, and diversify, we strive to reimagine the customer and dealer experience and launch innovative new products that broaden our market reach. We believe that success comes from within and are proud to support our team members through skill development and career advancement. Hyundai Capital America is an Equal Opportunity Employer committed to creating a diverse and inclusive culture for our workforce. We are a values-driven company dedicated to supporting both internal and external communities through volunteering, philanthropy, and the empowerment of our Employee Resource Groups. Together, we strive to be the leader in financing freedom of movement.
We Take Care of Our People
Along with competitive pay, as an employee of HCA, you are eligible for the following benefits:
Medical, Dental, and Vision plans that include no-cost and low-cost plan options
Immediate 401(k) matching and vesting
Vehicle purchase and lease discounts plus monthly vehicle allowances
Paid Volunteer Time Off with company donation to a charity of your choice
Tuition reimbursement
What to Expect
The Sr. Application Security Engineer will be responsible for designing, implementing, and testing security controls for financial applications, ensuring protection against threats such as data breaches, injection attacks, and unauthorized access. Reporting to the Sr. Manager Security Engineering & Architect, this role will focus on embedding security into the software development lifecycle (SDLC), conducting vulnerability assessments, and collaborating with development teams to build secure applications. In addition, this role will collaborate with Identity and Access Management (IAM) and Data Loss Prevention (DLP) systems and ensure compliance with financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC).
What You Will Do
1. Application Security Design and Implementation:
Secure Application Development: Collaborate with development teams to design and implement secure coding practices, ensuring applications (e.g., web, mobile, APIs) are built with security-by-design principles.
Security Controls: Implement and maintain application security controls, including input validation, secure session management, encryption, and secure API design, to protect financial data and transactions.
Code Review: Perform manual and automated code reviews using tools (e.g., SonarQube, Snyk, JFrog, etc.) to identify and remediate vulnerabilities such as OWASP Top 10 (e.g., SQL injection, XSS, CSRF).
Threat Modeling: Conduct threat modeling for financial applications using frameworks (e.g., STRIDE, MITRE ATT&CK) to identify and mitigate risks early in the SDLC.
2. Vulnerability Management and Testing:
Static and Dynamic Analysis: Conduct static application security testing (SAST) and dynamic application security testing (DAST) to identify vulnerabilities in application code and runtime environments.
Penetration Testing: Perform application-focused penetration testing to validate security controls and simulate real-world attacks (e.g., account takeover, data exfiltration).
Vulnerability Remediation: Work with developers to prioritize and remediate vulnerabilities, providing guidance on secure coding fixes and best practices.
Bug Bounty Programs: Support the management of bug bounty programs, triaging reported vulnerabilities and coordinating fixes with development teams.
3. Integration with IAM and DLP:
IAM Integration: Collaborate with the IAM team to implement secure authentication and authorization mechanisms (e.g., OAuth, OpenID Connect, JWT) in applications, aligning with zero-trust principles and RBAC/MFA requirements.
DLP Integration: Work with the DLP team to embed data loss prevention controls (e.g., Symantec DLP, Microsoft Purview) into applications, ensuring sensitive financial data (e.g., PII, payment card data) is protected from unauthorized access or exfiltration.
Secure API Design: Design and secure APIs used in financial applications, integrating with IAM and DLP systems to enforce access controls and data protection policies.
4. DevSecOps and Automation:
DevSecOps Integration: Embed security into CI/CD pipelines using tools (e.g., Jenkins, Bitbucket, GitHub, etc.), automating security scans and ensuring secure deployments in financial environments.
Security Tooling: Deploy and manage application security tools (e.g., Snyk, OWASP ZAP, Burp Suite) within development workflows to enable continuous security testing.
Scripting and Automation: Develop scripts (e.g., Python, Bash, PowerShell) to automate security testing, vulnerability scanning, and compliance checks in the SDLC.
Container Security: Secure containerized applications (e.g., Docker, Kubernetes) used in financial services, implementing runtime protection and image scanning.
5. Compliance and Risk Management:
Regulatory Compliance: Ensure application security practices comply with financial regulations (e.g., PCI DSS, GDPR, Korean SOX, FFIEC, NYDFS) through secure coding, documentation, and audit-ready configurations.
Risk Assessments: Conduct application risk assessments to identify and mitigate vulnerabilities such as insecure dependencies or misconfigured APIs.
Policy Enforcement: Enforce application security policies and standards based on industry frameworks (e.g., OWASP, NIST 800-53, ISO 27001).
Vendor Security: Assess third-party libraries, APIs, and SaaS integrations for security risks, ensuring compliance with financial security requirements.
6. Collaboration and Training:
Developer Collaboration: Partner with software engineering, DevOps, IAM, and DLP teams to integrate security into application development and deployment processes.
Security Training: Provide training and guidance to developers on secure coding practices, OWASP vulnerabilities, and financial-specific threats (e.g., fraud, data breaches).
Incident Response Support: Assist in incident response for application-related security incidents, such as data breaches or API exploits, collaborating with SOC and incident response teams.
Knowledge Sharing: Mentor junior engineers and contribute to the organization's security knowledge base with best practices and lessons learned.
7. Documentation and Reporting:
Security Documentation: Create and maintain documentation for application security designs, vulnerability reports, and remediation plans to support audits and incident response.
Reporting: Provide regular reports on application security posture, vulnerabilities, and remediation progress to the Director of Cybersecurity and other stakeholders.
Metrics: Develop and track metrics (e.g., vulnerability resolution time, secure code coverage) to measure application security effectiveness and drive continuous improvement.
What You Will Bring
2 years of experience in financial services with a strong understanding of financial application threats (e.g., fraud, API attacks) and regulations (e.g., PCI DSS, Korean SOX, GDPR).
Hands-on experience securing web, mobile, and API-based applications in regulated environments.
Proven track record of integrating application security with IAM (e.g., SailPoint, OAuth) and DLP (e.g., Symantec DLP, Microsoft Purview) systems.
Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related field.
Master's degree preferred.
At least one of the following: CISSP, CSSLP, CEH, OSCP, or equivalent. Application security certifications (e.g., GWAPT, GWEB) a plus.
Technical Skills:
Technical expert with deep experience in application security, financial services, and DevSecOps practices.
Expertise in application security tools (e.g., SonarQube, JFrog, Snyk, Checkmarx, Fortify, OWASP ZAP, Burp Suite) for SAST, DAST, and penetration testing.
Proficiency in secure coding practices and frameworks (e.g., OWASP Top 10, Secure SDLC).
Strong knowledge of IAM protocols (e.g., OAuth, OpenID Connect, SAML) and DLP integration for data protection.
Experience with CI/CD pipelines (e.g., Bitbucket, Jenkins, GitLab, Jira) and DevSecOps practices.
Knowledge of security frameworks such as NIST, ISO 27001, and COBIT.
Familiarity with cloud platforms (e.g., AWS, Azure, Google Cloud, Oracle Cloud) and container security (e.g., Docker, Kubernetes).
Proficiency in scripting (e.g., Python, Bash, PowerShell) for automation and security testing.
Knowledge of financial applications (e.g., core banking, payment gateways) and their security requirements.
Soft Skills:
Strong problem-solving skills to address complex architectural challenges.
Excellent communication skills to articulate technical concepts to technical and non-technical stakeholders.
Detail-oriented with the ability to prioritize and manage multiple security tasks.
Preferred
Experience with AI-driven application security tools or threat detection systems.
Familiarity with zero-trust architecture and secure API design for financial services.
Knowledge of financial fraud prevention techniques (e.g., anti-money laundering, transaction monitoring).
Experience working with MSSPs for application security support.
Understanding of emerging trends such as serverless security or secure microservices.
Work Environment
Employees in this class are subject to extended periods of sitting, standing, and walking, vision to monitor, and moderate noise levels. Work is performed in an office environment.
The posted salary range for this job takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; geographic location and other business and organizational needs. Successful candidates may be hired anywhere in the salary range based on these factors. It is uncommon to hire candidates at or near the top of the range.
California Privacy Notice
This notice only applies to our applicants who reside in the State of California.
If you have any questions about CCPA regarding California residents or HCA team members please contact the Privacy Team at .
Required Experience:
Senior IC
Full-Time