Application Security Engineer in Dallas, TX at National General Insurance

Date Posted: 5/4/2021

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Dallas, TX
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    5/4/2021

Job Description

Primary Purpose:

Responsible for integrating security into the development of National General’s applications. Work closely with the product and software development team to threat model, vulnerability scan, and pen test the early software, system, and network architecture and identify required control points in the application stack. Work closely with developers to diagnose, document, and remediate application security vulnerabilities. Responsible for evaluating, recommending, and implementing application security related software in an automated continuous integration/deployment environment.

Essential Duties and Responsibilities:

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

  • Develop a security framework within the National General SDLCs, establish a software security assurance process, and work with product delivery teams to build applications securely from start to finish
  • Work closely with application development and platform teams to help formulate and implement a strategy for software security that is tailored to the specific risks facing the organization, including threat modeling and applications security advisement services
  • Develop and maintain a balanced application security program based on a well-defined application security framework
  • Conduct application security assessments / penetration tests and implement tools for dynamic/automated code reviews
  • Ensure application design and implementation best-practice with role-based and appropriate access standards, as well as integration with Identity and Access Management environments
  • Ensure compliance with society, regulatory, and industry standards for application security
  • Continuously evaluate the organization’s existing application security practices, define and measure security-related activities, and demonstrate concrete improvements
  • Provide secure application development training to developers and provide guidance on the development of web-based training for ongoing awareness
  • Conduct code reviews and penetration testing
  • Develop and maintain unit and integration tests designed to ensure security controls are tested on every build

Minimum Skills and Competencies:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Bachelor Degree or in-lieu of degree equivalent education, training and work-related experience
  • 5+ years of experience as an Application Security Engineer, Application Developer, Architect, DevOps Engineer
  • Highly proficient with development languages including C#, .NET, Java, Nodejs, SQL
  • Hands-on experience working in Azure DevOps Services to include creation and execution of CI/CD pipelines
  • Strong build automation experience to include YAML and Powershell
  • Organized, responsive and highly thorough problem solver
  • Possess strong business acumen with ability to work with application development, QA and security teams
  • Must possess a strong understanding of application security frameworks
  • Must possess thorough knowledge of the OWASP Top 10
  • Must have a solid understanding of application security code reviews and penetration testing
  • Practical understanding and use of commercial application security tools
  • Strong self-starter who has the ability to operate independently
  • Has solid understanding and experience with establishing application security policies across an organization
  • Must possess effective verbal and written communication skills with ability to communicate effectively with senior executive leadership; proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance
  • Understanding and passion for Agile/XP/Scrum/Kanban
  • Understanding of Continuous Integration/Testing/Delivery
  • Proficient in Microsoft Office (Word, Excel, Outlook, PowerPoint)

Desired Skills:

  • Advanced Degree in a related field
  • Previous experience within the insurance industry
  • Hands-on experience with varying application security tools such as Micro Focus Fortify, Whitesource, Contrast Security
#LI-CM1

National General Holdings Corp. is an Equal Opportunity (EO) employer – Veterans/Disabled and other protected categories. All qualified applicants will receive consideration for employment regardless of any characteristic protected by law. Candidates must possess authorization to work in the United States, as it is not our practice to sponsor individuals for work visas.

In the event you need assistance or accommodation in completing your online application, please contact NGIC main office by phone at (336) 435-2000.

Job Requirements

About National General Holdings:

National General Holdings Corp., a member of the Allstate family of companies, is headquartered in New York City. National General traces its roots to 1939, has a financial strength rating of A– (excellent) from A.M. Best, and provides personal and commercial automobile, homeowners, umbrella, recreational vehicle, motorcycle, supplemental health, and other niche insurance products. We are a specialty personal lines insurance holding company. Through our subsidiaries, we provide a variety of insurance products, including personal and commercial automobile, homeowners, umbrella, recreational vehicle, supplemental health, lender-placed and other niche insurance products.

National General is a fast paced, dynamic, and entrepreneurial organization. Our team members live by and exemplify what we call the 4Es. At National General, we are Energized, Engaged, Empowered, and we Execute every day in order to provide an exceptional experience for our customers! We are passionate about our organization and the value that we add every day. A successful candidate with National General will embody the 4Es. Our team is poised to outperform the competition. We are National General Insurance and with us you can be extraordinary! Come join our team!

Companies and Partners

Direct General Auto & Life, Personal Express Insurance, Century-National Insurance, ABC Insurance Agencies, NatGen Preferred, NatGen Premier, Seattle Specialty, National General Lender Services, ARS, RAC Insurance Partners, Mountain Valley Indemnity, New Jersey Skylands, Adirondack Insurance Exchange, VelaPoint, Quotit, HealthCompare, AHCP, NHIC, Healthcare Solutions Team, North Star Marketing, Euro Accident.

In addition to a phenomenal career opportunity, National General Insurance offers an excellent benefits package including:

• Paid Training
• Medical, Dental, Vision benefits
• Wellness Programs
• Life and Short/Long Term Disability Insurance
• 401k w/ Company Match
• Company Paid Holidays & Generous Time-off policy
• Employee Discount Program
• Career Advancement and Development Opportunities
• On-site Healthcare Clinic (Winston-Salem and Cleveland offices)
• On-site Fitness Center (Cleveland and Dallas offices)
• Subsidized parking (Cleveland office)

National General Holdings Corp. is an Equal Opportunity (EO) employer – Veterans/Disabled and other protected categories. All qualified applicants will receive consideration for employment regardless of any characteristic protected by law. Candidates must possess authorization to work in the United States, as it is not our practice to sponsor individuals for work visas.

In the event you need assistance or accommodation in completing your online application, please contact NGIC main office by phone at (336) 435-2000.

CHECK OUT OUR SIMILAR JOBS

  1. Software Engineer Jobs
  2. Project Engineer Jobs