Job details

Application Security Engineer II

Get a free resume review

Who Are We?

Taking care of our customers, our communities and each other. That’s the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 160 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it.

Job Category

Technology

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

Salary Range

$111,600.00 - $184,200.00

Target Openings

What Is the Opportunity?

Travelers is seeking an Application Security Engineer II to join our organization as we grow and transform our Technology landscape. Individual will complete advanced end to end security engineering tasks for specific system including security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews, and will provide defensive coding techniques consulting. Works with circle leads in a Value Stream on security and performs Application Security testing for Value Stream. Provides guidance on testing to Application Security Engineer I. Performs application architecture security reviews. Partners with Cybersecurity and Enterprise Security Engineering on testing and remediation of vulnerabilities and implementation of Cybersecurity patterns.

What Will You Do?

Contribute to the creation of an application penetration testing framework.
Conduct thorough penetration testing on web, mobile, and cloud-based applications to identify security vulnerabilities.
Develop and execute test plans, scripts, and methodologies for application security assessments.
Document and report findings, including detailed descriptions of vulnerabilities, potential impact, and recommended remediation steps.
Perform security research, application security testing, interpretation of vulnerability scan results, threat modeling code reviews and advise on defensive coding techniques with a high degree of accuracy and speed, operating as an individual contributor to team goals.
Work independently to tackle well-scoped and loosely scoped problems.
Seek opportunities to expand technical knowledge and capabilities.
Provide technical guidance and mentorship to less experienced employees.
Perform other duties as assigned.

What Will Our Ideal Candidate Have?

Bachelor's degree plus four years of application security experience and/or certifications such as OSCP, OSWA, or GWAPT.
Proficiency using penetration testing tools such as Burp Suite
Strong knowledge of common application vulnerabilities (e.g., OWASP Top Ten)
Experience reviewing reported application vulnerabilities from outside testers and researchers for impact and likelihood to Travelers.
Experience with DAST tooling and supporting a scalable and integrated strategy to test applications.
Familiarity with threat modeling methodologies.
Delivery - Intermediate delivery skills including the ability to estimate accurate timelines for tasks and deliver work at a steady, predictable pace to achieve commitments, contribute to the software design strategy and methodologies used to best meet the system requirements, consider and build for many different use cases, avoid over engineering, and ensure automation, deliver complete solutions but release them in small batches, and identify important tradeoffs and negotiate them.
Domain Expertise - Demonstrated track record of domain expertise including understanding technical concepts necessary to do the job effectively and aware of industry trends, demonstrate willingness, cooperation, and concern for business issues and priorities, and possess in depth knowledge of immediate systems worked on and some knowledge of adjacent systems.
Problem Solving - Strong problem solver who ensures solutions are built for the long term, is able to resolve new issues, recognizes mistakes using them as learning and teaching opportunities and consistently breaks down large problems into smaller, more manageable ones.
Communication - Strong communicator who possesses the ability to articulate information clearly and concisely with the business, document work in a clear, easy to follow manner, collaborate well with team members as both a mentor and mentee, take in vague requirements and ask the right questions to ensure clarification, offer feedback appropriately and effectively, seek out and receives constructive criticism well, listen when others are speaking and make space for colleagues to share their thoughts.
Leadership - Intermediate leadership skills with the ability to help create a safe environment for others to learn and grow as engineers and a proven track record of self-motivation in identifying opportunities and tracking team efforts.

What is a Must Have?

Three years of system security experience.

What Is in It for You?

Health Insurance: Employees and their eligible family members – including spouses, domestic partners, and children – are eligible for coverage from the first day of employment.
Retirement: Travelers matches your 401(k) contributions dollar-for-dollar up to your first 5% of eligible pay, subject to an annual maximum. If you have student loan debt, you can enroll in the Paying it Forward Savings Program. When you make a payment toward your student loan, Travelers will make an annual contribution into your 401(k) account. You are also eligible for a Pension Plan that is 100% funded by Travelers.
Paid Time Off: Start your career at Travelers with a minimum of 20 days Paid Time Off annually, plus nine paid company Holidays.
Wellness Program: The Travelers wellness program is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health program provides access to free professional counseling services, health coaching and other resources to support your daily life needs.
Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards program that enables you to give back to the charity of your choice.

Employment Practices

Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences.

In accordance with local law, candidates seeking employment in Colorado are not required to disclose dates of attendance at or graduation from educational institutions.

If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you.

Travelers reserves the right to fill this position at a level above or below the level included in this posting.

To learn more about our comprehensive benefit programs please visit http://careers.travelers.com/life-at-travelers/benefits/.

Average salary estimate

$147900 / YEARLY (est.)

min

max

$111600K

$184200K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Application Security Engineer II, Travelers

Are you ready to take your skills to the next level? Join Travelers as an Application Security Engineer II in Atlanta, Georgia! We're committed to taking care of our community and each other, and we need someone like you to help us maintain our reputation as a top property casualty insurer. In this role, you'll be diving deep into advanced end-to-end security engineering tasks, including application security testing and vulnerability assessment. Imagine working collaboratively with a talented team to develop and execute comprehensive testing plans while leveraging the latest tools like Burp Suite. You'll be instrumental in creating an application penetration testing framework and advising on defensive coding techniques that can really bolster our security posture. Plus, you'll have the opportunity to guide less experienced engineers, fostering a culture of growth and learning. We’re looking for someone with a solid background in application security, a passion for innovative technology, and the desire to tackle challenges head-on. With a competitive salary ranging from $111,600 to $184,200, along with outstanding benefits, including health insurance from day one, retirement matching, and generous paid time off, you’ll be joining a company that truly values its employees. If you're eager to expand your technical knowledge, contribute to meaningful projects, and work in an environment that inspires and invests in your growth, the Application Security Engineer II position at Travelers is the perfect fit for you!

Frequently Asked Questions (FAQs) for Application Security Engineer II Role at Travelers

What are the key responsibilities of the Application Security Engineer II at Travelers?

As an Application Security Engineer II at Travelers, you'll conduct comprehensive penetration testing on various applications, including web, mobile, and cloud-based systems. You will also develop test plans, document findings, provide recommendations for remediation, and participate in application architecture security reviews. Your role will be crucial in strengthening our security measures and ensuring that vulnerabilities are addressed effectively.