Cyber SDC - AppSec Engineer - Senior - Consulting - Location Open

KANSAS CITY, MOPosted a month ago

Job summary

• Job post source

  This job is directly from EY

• Job overview

  The Senior Application Security Engineer at EY is responsible for managing and securing application development platforms and tools, enhancing security practices within the software development lifecycle to support the company's cybersecurity goals.

• Responsibilities and impact

  The role involves operating and updating application security tools like GitHub, SonarQube, and Artifactory, automating processes, managing security patches, collaborating with teams to embed security in CI/CD pipelines, and supporting client needs through operational metrics and ticket resolution.

• Compensation and benefits

  The position offers a base salary ranging from $77,500 to $160,500 depending on location and experience, along with comprehensive benefits including medical and dental coverage, pension and 401(k) plans, paid time off, and a flexible vacation policy.

• Experience and skills

  Candidates must have a bachelor's degree in a related field, extensive experience in application security and cloud patching, scripting skills in Python or Bash, and knowledge of major operating systems; preferred qualifications include 2-4 years of AWS and CI/CD experience and relevant security certifications.

• Career development

  EY provides continuous learning opportunities, leadership coaching, and a flexible environment to support career growth and skill development in cybersecurity.

• Work environment and culture

  EY promotes a diverse and inclusive culture with a hybrid work model, emphasizing ethical standards, collaboration, and empowerment in a globally connected team environment.

• Company information

  EY is a global professional services firm offering assurance, consulting, tax, strategy, and transaction services across more than 150 countries, focused on building a better working world through technology and innovation.

• Team overview

  The candidate will join a cybersecurity team working cross-functionally to enhance application security practices and support client engagements.

• Job location and travel

  The position is remote, allowing work from anywhere in the country, with expectations for hybrid collaboration 40-60% of the time during engagements.

• Application process

  Applications are accepted on an ongoing basis with accommodations available for candidates with disabilities; specific instructions for California residents are provided.

• Unique job features

  The role uniquely integrates security tools into development pipelines, emphasizes automation and operational efficiency, and offers flexible vacation and hybrid work options to support work-life balance.

Company overview

EY, also known as Ernst & Young, is a global leader in professional services, offering assurance, tax, consulting, and advisory services to a wide range of industries. The company generates revenue through client fees for these services, leveraging its extensive expertise to help businesses navigate complex challenges and achieve growth. Founded in 1989 from a merger between Ernst & Whinney and Arthur Young & Co., EY has a rich history of innovation and leadership in the professional services sector. Notably, EY is committed to building a better working world by fostering sustainable growth and driving positive change.

How to land this job

• Tailor your resume to highlight hands-on experience with application security tools such as GitHub, SonarQube, JFrog Artifactory, and automation platforms like Tines, emphasizing your ability to manage, patch, and update these tools securely and efficiently.

• Showcase your knowledge of cloud infrastructure, especially AWS, and your experience integrating security within CI/CD pipelines, focusing on automation and secure software development lifecycle practices.

• Apply through multiple channels including EY's official careers page and LinkedIn to maximize your application visibility and ensure you meet EY's ongoing application acceptance.

• Connect on LinkedIn with EY professionals in the Cybersecurity or Application Security divisions, using ice breakers like commenting on recent EY cybersecurity initiatives or asking about their experience with the tools and processes mentioned in the job description.

• Optimize your resume for ATS by incorporating keywords such as 'application security,' 'CI/CD pipelines,' 'AWS,' 'automation,' 'patch management,' and specific tool names like 'SonarQube' and 'JFrog Artifactory' to pass initial screening filters.

• Leverage Jennie Johnson's Power Apply feature to automate applying through multiple platforms, tailor your resume with relevant keywords, and identify LinkedIn contacts for networking, saving you time and increasing your chances of landing the role.