Job details

Application Security Engineer II (Container Security)

Get a free resume review

Who Are We?

Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Job Category

Technology

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range

$111,600.00 - $184,200.00

Target Openings

What Is the Opportunity?

Travelers is seeking an Application Security Engineer II to join our organization as we grow and transform our Technology landscape. This engineer will focus on supporting and driving security initiatives related to containerized development. Additionally, the individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with circle leads in a Value Stream on security and performs Application Security testing for Value Stream. Provides guidance on testing to Application Security Engineer I. Performs application architecture security reviews. Partners with Cybersecurity and Enterprise Security Engineering on testing and remediation of vulnerabilities and implementation of Cybersecurity patterns.

What Will You Do?

Support the development of a container image security strategy to include supply chain risk initiatives.
Support the container image security strategy implementation and integration with DevOps pipelines.
Promote a culture around secure container development.
Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals.
Work independently to tackle well-scoped and loosely scoped problems.
Seek opportunities to expand technical knowledge and capabilities.
Provide technical guidance and mentorship to less experienced employees.
Perform other duties as assigned

What Will Our Ideal Candidate Have?

Bachelor's degree plus four years of modern application development or application security experience.
Moderate experience in Container Security working with technologies like Kubernetes and container technologies such as Docker or OpenShift
Moderate experience with development in AWS
Moderate knowledge and understanding of container security and related risks.
Moderate knowledge and experience with build (CI/CD) pipeline technologies such as GitHub Actions, Jenkins, and/or GitLab CI/CD.
Experience with container image hardening and base image management.
Experience with integrating and managing tools involving SAST, SCA, and Secrets scanning capabilities.
Familiarity of microservices architecture and design patterns.
Delivery - Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace to achieve commitments, contribute to the software design strategy and methodologies used to best meet the system requirements, consider and build for many different use cases, avoid over engineering, and ensure automation, deliver complete solutions but release them in small batches, and identify important tradeoffs and negotiate them.
Domain Expertise - Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively and aware of industry trends, demonstrate willingness, cooperation, and concern for business issues and priorities, and possess in depth knowledge of immediate systems worked on and some knowledge of adjacent systems.
Problem Solving - Strong problem solver who ensures solutions are built for the long term, is able to resolve new issues, recognizes mistakes using them as learning and teaching opportunities and consistently breaks down large problems into smaller, more manageable ones.
Communication - Strong communicator who possesses the ability to articulate information clearly and concisely with the business, document work in a clear, easy to follow manner, collaborate well with team members as both a mentor and mentee, take in vague requirements and ask the right questions to ensure clarification, offer feedback appropriately and effectively, seek out and receives constructive criticism well, listen when others are speaking and make space for colleagues to share their thoughts.
Leadership - Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers and a proven track record of self-motivation in identifying opportunities and tracking team efforts.

What is a Must Have?

Three years of system security experience.

What Is in It for You?

Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices

Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit http://careers.travelers.com/life-at-travelers/benefits/.

Average salary estimate

$147900 / YEARLY (est.)

min

max

$111600K

$184200K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Application Security Engineer II (Container Security), Travelers

Join Travelers as an Application Security Engineer II focused on Container Security, where your expertise will help shape the future of our technology landscape! Located in the vibrant city of Atlanta, Georgia, you'll be diving into the exciting world of containerized development, ensuring that our applications not only serve their purpose but do so securely. In this role, you will champion security initiatives, conduct security testing, and mentor junior engineers—all while working in a collaborative and innovative environment. You'll support the development of a container image security strategy, implement that strategy into DevOps pipelines, and advocate for secure container development practices. As you tackle security research and application testing, you'll interact with various teams to remediate vulnerabilities, deliver effective solutions, and promote best practices. With a focus on growth, we believe in providing our employees not only with a competitive annual salary ranging from $111,600 to $184,200 but also a dynamic benefits package that includes health insurance, retirement plans, and ample PTO. At Travelers, we strive to create a culture of belonging and empowerment, where you can thrive in your career while making an impact. So, are you ready to make a difference with us?

Frequently Asked Questions (FAQs) for Application Security Engineer II (Container Security) Role at Travelers

What are the responsibilities of an Application Security Engineer II at Travelers?

As an Application Security Engineer II at Travelers, your key responsibilities include supporting and driving security initiatives related to containerized development, conducting application security testing, and performing application architecture security reviews. You will also mentor junior engineers and collaborate with cross-functional teams to remediate vulnerabilities.