Listing Description

Position Title: Senior Cloud Application Security Engineer (remote or hybrid)

Entity: KBRA Holdings

Employment Type: Full-Time (hybrid or remote)

Location: US based:  New York, New York or Dresher, Pennsylvania.  (Remote only:  CA, CO, DC, FL, IL, MD, NJ, MA, NY, PA, SC, TX, VA)

Summary/Overview:

KBRA Holdings is seeking a Senior Cloud Application Security Engineer to join our growing Information Security team. This position is based out of our NYC,  Dresher, PA or remote and reports to the Director of Information Security. Occasional travel to our NYC or Dresher, PA office may be required. KBRA Information Security is focused on creating services and guidance for engineering teams to help them create reliable and secure applications.

About the Team:

The organization is transforming to a model where small, empowered teams own the things they build from inception through production. This role was created to provide resources to these teams to enable them to rapidly deploy scalable, observable, reliable, and secure applications. Those resources include shared development tools, platforms to run their application, and expertise in building, and running complex distributed secure systems. Our customers are internal engineering teams, and it is our job to help them be successful. We value learning and make time during the workday for our team members to grow their skill sets.

About the Job:

As a Senior Cloud Application Security Engineer, you will ensure that KBRA cloud environments and any software developed by our engineering teams meets our overall security standards and protects KBRA's information. This role will have a huge impact across the organization. It will require close collaboration with engineers throughout KBRA and all changes will have to be made while considering their impact on multiple products with active users.

Job Responsibilities:

• Architect and automate secure cloud environments using policies, guardrails, standards and best practices to prevent, detect and respond to misconfigurations and security issues


• Provide expert advice, consultancy, and support to our engineering teams on cloud/application security reviews, threat modeling and ultimately resolving security issues


• Assist our engineers in creating secure pipelines and ensure that KBRA’s applications and cloud environments are secure


• Coordinate vulnerability scans and penetration tests through to mitigation of all KBRA-developed applications and cloud environments


• Create, support, and tune the tools that the engineering teams will use to keep their applications and cloud environments secure (SAST, DAST, SCA/3rd party dependency scanning, etc)


• Drive security into KBRA’s systems development life cycle to ensure that security is built in and considered Manage a Security Champions network throughout KBRA Technology


• Lead security projects to ensure the timely completion of efforts Create security policies, standards, procedures, and guidelines


• Evaluate and ultimately implement new and emerging security products and technologies

Successful candidates will possess the following:

• Experience designing, building, running, and troubleshooting complex distributed systems.


• Encouraging and patient when dealing with engineers and teams new to running their own operations or new tools. Have initiative and will unblock yourself in order to accomplish goals.


• Tend to iterate over solutions and deliver work incrementally rather than delivering large, risky chunks of work. Can mentor and frequently collaborate with people inside and outside the team.


• Are willing to maintain legacy systems while working towards a solution for replacing them.

Salary Range:

The anticipated annual base salary range for this full-time position is $135,000 to $165,000. Offer amounts are determined by factors such as experience, skills, geography, and other job-related factors.

Benefits:

• Remote or Hybrid work schedule (in the office Tuesday, Wednesday or Thursday)


• Competitive benefits and paid time off


• Paid family and disability leave


• 401(k) plan, including employer match (100% vested)


• Educational and professional development financial assistance


• Employee referral bonus program


• Cell phone reimbursement

About Us:

KBRA is a full-service credit rating agency registered in the U.S., the EU and the UK, and is designated to provide structured finance ratings in Canada. KBRA’s ratings can be used by investors for regulatory capital purposes in multiple jurisdictions.

More Info:

KBRA encourages applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, and veteran status or any other basis prohibited by federal, state or local law.

#LI-REMOTE

#LI-HYBRID

#LI-SS1