Job details

Application Security Engineer

Basic Function

The Application Security Engineer at Lumin Digital is responsible for ensuring the security of digital banking solutions by integrating security practices throughout the product and software development lifecycle. This role involves vulnerability analysis, threat modeling, and collaborating with cross-functional teams to maintain a robust application security posture. Success in this role requires a proactive approach to identifying and mitigating risks, supporting compliance efforts, and staying ahead of evolving security threats.

Essential Functions, Responsibilities, Experience:

Collaborate with Product and Development teams to embed security into the software development lifecycle, from design to maintenance.

Provide guidance on secure architecture, coding practices, and CI/CD pipeline protection.

Implement and maintain automated application vulnerability scanning tools, including static (SAST) and dynamic (DAST) security testing solutions.

Coordinate manual application penetration testing assessments through third-party engagements and validate results.

Respond to application security incidents using industry-standard practices to identify, contain, and remediate vulnerabilities.

Monitor and optimize reporting and alerting systems to identify, prioritize, and address application security risks effectively.

Maintain comprehensive records of vulnerability detections and security posture across all systems, ensuring consistent improvement.

Support risk management, compliance, and audit activities by collecting evidence and producing reports to demonstrate security program effectiveness.

Serve as a first point of contact for reported vulnerabilities, triaging issues from internal sources, clients, and external researchers.

Conduct architectural and code reviews to identify vulnerabilities and recommend improvements to the application security posture.

Perform other duties as assigned.

Growth Opportunities:

30 Days: Gain familiarity with Lumin Digital’s security tools, applications, and processes. Begin triaging security issues and working on initial vulnerability assessments.

90 Days: Take ownership of vulnerability scanning tools, coordinate with third-party testing partners, and contribute to improving application security processes.

1 Year: Lead application threat modeling initiatives, implement enhancements to the vulnerability management program, and provide strategic recommendations to improve Lumin Digital’s security posture.

Knowledge, Skills, & Abilities:

Four (4) years of experience in a relevant technology domain, including security engineering, software engineering, or application vulnerability analysis.

Three (3) years of demonstrated experience in identifying and technically qualifying application security vulnerabilities in a full-time capacity for large-scale web, financial services, or mobile applications.

Ability to read and comprehend application source code (e.g., TypeScript, JavaScript, C#, Java, Swift) and identify vulnerabilities such as command injection and inappropriate cryptographic usage.

Working knowledge of security vulnerabilities, including OWASP Top 10 and CWE.

Specialized knowledge of authentication and authorization frameworks, such as SAML, OIDC, OAuth 2.0, SCIM, JWT, WebAuthn, and OPA

Familiarity with authentication and authorization frameworks (e.g., SAML, OIDC, OAuth 2.0) and applied cryptography concepts.

Strong analytical skills to validate and reproduce reported vulnerabilities through manual testing or scripting.

Effective written and verbal communication skills, with the ability to raise awareness and coordinate remediation activities.

Education:

Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or a related field. Equivalent experience with demonstrated expertise may be considered.

$110,000 - $130,000 a year

LIFE AT LUMIN DIGITAL

Lumin Digital is a trailblazer in digital banking solutions, driven by a unique approach to technology, service, and people. We empower credit unions and banks by creating cutting-edge digital experiences that continuously serve, engage, and grow their membership base. Lumin is 100% cloud-native, purpose-built to unlock the full advantages of the cloud for financial institutions and their users.

At Lumin, we thrive on curiosity and innovation. Our culture fosters trust - in our expertise and decisions, respect - for diverse perspectives and talents, and boldness - in pursuing innovative paths. These values guide us, shaping a workplace where collaboration thrives, ideas flourish, and new possibilities are discovered. Focused on continuous improvement and innovation, we encourage our team to explore, experiment, and put new ideas into action, challenging the usual way of doing things.

All qualified applicants, including those with arrest or conviction records, will be considered for employment. Any conditional offer will include a notice regarding the review of the candidate’s criminal history as part of the hiring process.

For more information, visitlumindigital.com.

Lumin Digital Glassdoor Company Review

4.9

Lumin Digital DE&I Review

No rating

CEO of Lumin Digital

Jeff Chambers

Approve of CEO

Average salary estimate

$120000 / YEARLY (est.)

min

max

$110000K

$130000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Application Security Engineer, Lumin Digital

Join the team at Lumin Digital as an Application Security Engineer and play a crucial role in safeguarding digital banking solutions! In this remote position, you'll ensure that security practices are integrated throughout the product and software development lifecycle. You'll get the chance to collaborate with Product and Development teams, guiding them on secure architecture and coding practices. Your expertise in automated application vulnerability scanning tools like SAST and DAST will help keep our applications safe, while manual penetration testing will ensure thorough assessments. Reacting to application security incidents, you’ll utilize industry-standard practices to swiftly identify and resolve vulnerabilities. You will also have the opportunity to monitor systems for application security risks and maintain detailed records to improve our security posture continuously. With a Bachelor’s degree in Computer Science or related fields, along with several years of experience in security engineering and vulnerability analysis, you’re the perfect fit. At Lumin Digital, we’re not just about security; we’re about empowering financial institutions through innovation. If you thrive on curiosity, enjoy working in a collaborative environment, and want to explore and experiment with new ideas, apply today and help us create cutting-edge digital banking experiences!

Frequently Asked Questions (FAQs) for Application Security Engineer Role at Lumin Digital

What are the main responsibilities of the Application Security Engineer at Lumin Digital?

The Application Security Engineer at Lumin Digital is responsible for integrating security practices into the software development lifecycle. This includes providing guidance on secure architecture, conducting vulnerability analyses, coordinating penetration testing, responding to security incidents, and maintaining robust records of security posture.