Senior Application Security Engineer

ABOUT HAPPY MONEY 
Happy Money is a financial technology company on a mission to develop and deliver affordable, accessible financial tools and services that empower people to use money as a tool for their happiness. Members benefit from loans funded by a national network of customer-focused lending partners and designed to help them accomplish their goals. 
Backed by leading investors, Happy Money has helped nearly 205,000 members since inception – working with lending partners to fund over $3.7 billion in loans*. Founded in 2009, Happy Money has a passionate and purpose-driven employee base of approximately 400 people across the United States. For more information, please visit happymoney.com. 
*As of 12/31/2021

ABOUT THE ROLEWe are hiring for a Sr. Application Security Engineer position, who has interest and experience in running static security scans and fixing security vulnerabilities.This will be an individual contributor role that will report to our Information Security Manager.Here at Happy Money, we live by our core values of Love, Trust, and Hustle and welcome all.   Love is shown in how we develop meaningful relationships with everyone we interact with; whether it’s a member of your manager.  Trust is shown through how we empower each other to come to work as our true selves and embrace our differences.  Hustle is shown through how we fail fast and learn from our mistakes.  No one is perfect, we’re all human; if this job description doesn’t exactly match your background, we urge you to apply anyway!

Role Requirements

• 7+ years of experience in static, 3rd party libraries, and dynamic web application scans
• 7+ years skilled in Threat Modeling
• 5+ years administering AWS Architecture Risk Assessment
• 5+ years executing scanning Mobile Applications
• 5+ years performing security code review
• Ability to reproduce a vulnerability and explain to developers how to fix it
• Adept in providing information security requirements to software development projects
• Proficiency in implementing Static Code Analysis within CI/CD pipelines

About You

• 7+ years of experience in software development with fixing security vulnerabilities, found by static scanning tools such as SonarCloud,  Checkmarx, Veracode, or others.
• 7+ years of experience in scanning with fixing security vulnerabilities, found by dynamic scanning tools such as Tenable.io, Qualys, or others.
• Software Engineer who is passionate about secure application development
• Experience in implementing Static Code Analysis tools
• Understanding the AWS Architecture

Here at Happy Money, we live by our core values of Love, Trust, and Hustle and welcome all.  Love is shown in how we develop meaningful relationships with everyone we interact with; whether it’s a member of your manager. Trust is shown through how we empower each other to come to work as our true selves and embrace our differences. Hustle is shown through how we fail fast and learn from our mistakes. No one is perfect, we’re all human; if this job description doesn’t exactly match your background, we encourage you to apply anyway!