Senior Application Security Engineer
New York City (Hybrid)
Full Time | Senior-level / Expert | USD 117K+
Nayya
Interacting with benefits is confusing. Transform open enrollment. Personalize decisions. Welcome to the benefit experience your employees deserve.
About Nayya
At Nayya, we believe there’s a better way to choose benefits. A more transparent, less confusing way for employees to control their health and financial potential. Powered by billions of data points and machine learning, our benefits experience platform delivers personalized decision support and guidance during open enrollment, new employee onboarding, qualifying life events, and in the moments that matter all year round. This is one of the most stressful and challenging situations consumers face – and we see that as an opportunity to build an innovative response that can help millions of Americans possess the control and understanding they deserve.
Role Overview:
We're currently seeking a Senior Application Security Engineer to join our team at Nayya. In this role, you will be instrumental in enhancing the security posture of our organization, with a primary focus on securing our applications and systems.
Responsibilities:
- Lead the design and implementation of robust security architecture specifically tailored to our applications and systems
- Collaborate with cross-functional teams to seamlessly integrate security measures into our application development lifecycle
- Develop and implement mechanisms for real-time threat detection within our applications
- Lead incident response efforts to ensure timely and effective resolution of security incidents
- Conduct regular security audits and assessments to ensure compliance with industry standards and internal security policies
- Assist in preparing and maintaining documentation for compliance audits and certifications, with a focus on application security
- Provide training and mentorship to development and operations teams on secure coding practices and application security awareness
- Foster a culture of security within the organization by promoting best practices and facilitating knowledge sharing related to application security
- Evaluate, implement, and manage security tools and solutions specifically aimed at enhancing the security of our applications
- Collaborate with various teams to advocate for application security initiatives and requirements throughout the organization while also effectively communicating security risks, concerns, and solutions to stakeholders at all levels
What You'll Bring:
- Minimum of 5 years of experience in cybersecurity, with a focus on application security
- Proficiency in security and privacy best practices, industry standards, and frameworks (e.g., OWASP, NIST)
- Experience with implementing and managing security in cloud environments, preferably AWS
- Expertise in security testing methodologies and tools (e.g., SAST, DAST, SCA, IAST) with a track record of implementation
- Experience with automation tools and scripting languages (e.g., Python, Shell, PowerShell)
- Relevant certifications such as CISSP, CISM, CEH, or AWS Certified Security are a plus but not required
- Excellent problem-solving, communication, and leadership skills
The salary range for New York-based candidates for this role is $117,600 - 150,000. We use a location factor to adjust this range for candidates who are located outside of the geographic region of our New York office. Placement within the salary band is determined based on experience.
Why Join Nayya?
- Be an early employee of a quickly growing, VC-backed start-up - grow with us!
- Have a meaningful impact on a platform that is scaling very rapidly
- Contribute to a values-based culture with an emphasis on empowerment and autonomy
- Work in a highly collaborative, cross-functional environment
- Benefits include: Competitive pay, employer-paid healthcare, stock options
Nayya is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Tags: Application security Audits Automation AWS Business Intelligence CEH CISM CISSP Cloud Compliance DAST IAST Incident response Machine Learning NIST OWASP PowerShell Privacy Python SAST Scripting Threat detection
Perks/benefits: Career development Competitive pay Equity Health care Startup environment Team events