Product Security Engineer

Posted:
9/26/2024, 5:00:00 PM

Location(s):
Wisconsin, United States ⋅ West Bend, Wisconsin, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Northwestern Mutual is looking for enthusiastic technologists who want to grow their career in product security.  In this position, you will work with cross-functional teams while leveraging a set of diverse technologies and an automation first approach resulting in the deployment, testing, and documentation of secure patterns to ensure our NM engineering practices are Secure by Default.

This role requires a DevOps mindset with experience in Python, SQL/DBs (Postgress\MySQL\etc), AWS, Configuration as Code and an exceptional level of enthusiasm for technology and engineering. Must have a proven track record of self-motivated accomplishment.  This is an exciting opportunity to build upon technical experience with a strong security mindset.

Primary Duties & Responsibilities:

  • Engineer solutions with a focus on automation to reduce manual/repetitive tasks in alignment with NM's Target State Architecture and predominant Platforms
  • Guide and advise application and engineering teams in product security
  • Manage technical support of product security capabilities
  • Design, implement, and maintain procedures, processes, and methodologies that support product security capabilities
  • Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats posing risk to our company
  • Identify requirements for existing and newly proposed processes and engineer automation-solutions that reduce or eliminate repetitive or manual work
  • Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practices
  • Manage remediation efforts after security assessment findings outline weaknesses requiring attention
  • Mentor other staff members to ensure consistency, quality, and productivity of deliverables
  • Participate in a multi-org group identifying, deploying, testing, and documenting opinionated ways to achieve our Security Standards in secure application / infrastructure patterns
  • Assist with technical support of defined secure application / infrastructure patterns
  • Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practices
  • Partner with other teams on emerging best practices, patterns, and technology
  • Proactively learn emerging platforms and related technology

Qualifications:

  • Bachelor's or equivalent experience with an emphasis in Cybersecurity, Computer science, Computer engineering, Software engineering, Cloud Engineering, MIS related field
  • 5+ years' experience in development, infrastructure, and\or cybersecurity
  • Experience with CICD pipelines to automate application and infrastructure code deployments
  • Experience with workload orchestration platforms such as Kubernetes
  • Experience with Infrastructure as code concepts and tooling including Terraform or CloudFormation.
  • One or more advanced security certifications (e.g., CISSP, CCSP, GIAC, ISC[2] and other recognized cybersecurity industry organizations)
  • Understanding of applicable risk management frameworks such as NIST, Cloud Security Alliance, and OWASP
  • Knowledgeable about secure architecture, engineering, and design principles
  • Competency with one or more scripting/programming languages such as Python, JavaScript, Java, Ruby, Go, PowerShell, Bash, C#, C/C++, etc
  • Strong written and verbal communication skills with proven interpersonal savvy with demonstrated tact and diplomacy

Preferred Qualifications:

  • Experience with Amazon Web Services (AWS) and/or Microsoft Azure, preferably within an Agile/DevOps operating model
  • Experience with SAST, DAST, RASP and/or SCA tools
  • Understanding of a wide range of cybersecurity capabilities including application security, security engineering, identify & access management, incident response, logging & monitoring, cloud and penetration testing
     

The ideal candidate is:

  • Passionate about security!
  • A team player who enjoys collaborating with cross-functional teams
  • A great communicator (written and verbal) with an ability to articulate complex topics in a clear and concise manner
  • A problem solver that employs a flexible and constructive approach
  • Proficient with multiple development tools and is continuously looking for opportunities to improve processes and capabilities through automation
  • A self-directed individual contributor who is experienced working with application and engineering teams
  • An engineer who enables productivity in support of business objectives
  • Familiar with traditional or cloud computing, including networking, compute, storage, app development, data, operations, or security
  • Comfortable reviewing code and speaking openly to provide remediation guidance
  • A self-directed individual contributor with the ability to independently identify and resolve issues
  • Someone who has a track record of acting with integrity, taking pride in work, seeking to excel, being curious, and is adaptable
  • Able to maintain and strengthen relationships with the ability to effectively influence and negotiate with internal and external partners
  • Able to solve complex technical issues and enable/teach peers to be self-sufficient and provide thought leadership throughout the local work division

Compensation Range:

Pay Range - Start:

$100,030.00

Pay Range - End:

$185,770.00

Northwestern Mutual pays on a geographic-specific salary structure and placement in the salary range for this position will be determined by a number of factors including the skills, education, training, credentials and experience of the candidate; the scope, complexity as well as the cost of labor in the market; and other conditions of employment. At Northwestern Mutual, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. Please note that the salary range listed in the posting is the standard pay structure. Positions in certain locations (such as California) may provide an increase on the standard pay structure based on the location. Please click here for additional information relating to location-based pay structures.

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in California, Colorado, New York City, Washington or outside of a Corporate location, please click here for information pertaining to compensation and benefits.

Northwestern Mutual

Website: https://www.northwesternmutual.com/

Headquarter Location: Milwaukee, Wisconsin, United States

Employee Count: 10001+

Year Founded: 1857

IPO Status: Private

Industries: Advice ⋅ Consulting ⋅ Finance ⋅ Financial Services ⋅ Insurance ⋅ Life Insurance