Security Engineer II – Application
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Engineer II managing application security to safeguard users' data. Collaborating with engineering teams to integrate secure practices in software development.
Responsibilities:
- Partner closely with engineering teams across the company to reduce security risk throughout the software development lifecycle
- Contribute to initiatives that strengthen NerdWallet’s security posture by improving tooling, workflows, and standards that help engineers build secure software while maintaining a great developer experience
- Help scale NerdWallet’s application security program through automation, tooling, and developer enablement
- Partner with engineering and product teams to identify and remediate security gaps across multiple systems while balancing business priorities
- Build tools, processes, and automation that improve security posture visibility for engineers and leadership
- Review pull requests and provide actionable guidance on secure coding practices
- Support operational work during security investigations or incidents affecting applications
- Help integrate security practices into the secure development lifecycle (SDLC) across teams
Requirements:
- 2+ years of experience in application security, software engineering, or a related security role
- Experience identifying, triaging, and remediating security vulnerabilities in applications
- Experience working with software deployed in cloud environments, particularly AWS
- Proficient in Python or another scripting language used for automation
- Comfortable reading and reviewing JavaScript or similar application code
- Experience or interest in building automation, tooling, or processes that improve application security workflows
- Comfortable learning new programming languages, frameworks, or security tools as needed
Benefits:
- Industry-leading medical, dental, and vision health care plans for employees and their dependents
- Rejuvenation Policy – Flexible Vacation Time Off + 11 holidays + holiday company shutdown
- New Parent Leave for employees with a newborn child or a child placed with them for adoption or foster care
- Mental health support
- Paid sabbatical after 5 years for Nerds to recharge, gain knowledge, and pursue their interests
- Health and Dependent Care FSA and HSA Plan with monthly NerdWallet contribution
- Monthly Wellness Stipend, Cell Phone Stipend, and Wifi Stipend (Only remote Nerds are eligible for the Wifi Stipend)
- Work from home equipment stipend and co-working space subsidy (Only remote Nerds are eligible for these stipends)
- Nerd-led group initiatives – Employee Resource Groups for Parents, Diversity, and Inclusion, Women, LGBTQIA, and other communities
- Hackathons and team events across all teams and departments
- Company-wide events like NerdLove (employee appreciation) and our annual Charity Auction
- Our Nerds love to make an impact by paying it forward – Take 8 hours of volunteer time off per quarter and donate to your favorite causes with a company match
- 401K with 4% company match
- Be the first to test and benefit from our new financial products and tools
- Financial wellness, guidance, and unlimited access to a Certified Financial Planner (CFP) through Northstar
- Disability and Life Insurance with employer-paid premiums
Similar Jobs
Senior Security Engineer
Senior Security Engineer focusing on security operations in software development pipelines for a sustainable infrastructure company. Collaborating with IT and DevOps teams in a remote setting.
Cybersecurity Project Manager – Contract
Cybersecurity Project Manager in Technology Program Management Office overseeing cybersecurity project delivery. Requires extensive experience in cybersecurity, risk, compliance, controls, and audits.
Data Protection & AI Security, Staff Engineer
Staff Engineer leading strategic data protection and AI security initiatives at The Hershey Company. Collaborating with cross-functional teams to protect sensitive data and manage emerging risks.
Senior Cybersecurity Engineer
Cybersecurity Engineer responsible for protecting technology environments and delivering threat detection capabilities. Collaborating with IT, OT, and operations to strengthen operational security and compliance.
Senior Cybersecurity Engineer, Threat Detection and Response
Cybersecurity Engineer managing threat detection and response within Starbucks Security Operations Center. Leveraging expertise in cybersecurity and advanced log analysis to mitigate threats and support IT security.
Head of Security
Head of Security operating the information security program at Anomaly. Focused on enabling rapid product development while maintaining security and compliance.
Information Security GRC Analyst
Information Security GRC Analyst role focusing on developing and maturing governance, risk, and compliance programs. Assisting clients with compliance frameworks and cybersecurity measures in a remote work environment.
Senior Security Engineer
Senior Security Engineer at Red Cup IT, Inc. designing cloud security architectures and automating security processes to defend against modern threats. Leading projects and mentoring junior staff.
Senior Security Engineer
Senior Security Engineer at Sandisk owning and improving security tooling for SOC operations. Focus on reliability, detection, and automation in a leading tech company.
Senior System Security Engineer
Senior System Security Engineer safeguarding critical systems and infrastructure for cybersecurity firm. Developing security strategies and collaborating with teams to maintain system integrity and compliance.
Staff Security Engineer
Staff Security Engineer at CVS Health designing security measures for digital infrastructure. Collaborating with teams and providing technical guidance to safeguard sensitive data and ensure compliance.
CMMC Cybersecurity Compliance Consultant
Cybersecurity Compliance Consultant leading CMMC policy development for DoD contractors. Managing compliance sprints and client documentation for audit readiness in a fully remote setup.
Senior Analyst – Supply Chain Master Data Compliance, Governance
Senior Analyst supporting Master Data Compliance and Governance at CVS Health. Driving data quality, accuracy, and regulatory compliance in the drug supply chain.
Principal Technical Specialist – Vehicle & Connected Cyber Security
Principal Technical Specialist overseeing cybersecurity for vehicle systems at Ford. Leading technical authority and collaborating across various teams to enhance security measures.
Sales & Account Manager – IT Security, SaaS
Sales/Account Manager responsible for developing DACH market for SaaS solution in physical security. Engaging with clients to promote long-term identity management solutions in a growing market.
Mid Level Security Engineer – Identity and Endpoint
Mid Level Security Engineer focusing on Microsoft 365 deployment and operation for government clients. Key role in transitioning security capabilities and providing training and documentation.
Information Security Specialist
Information Security Specialist at Capital Blue Cross monitoring and responding to cyber threats. Collaborating with IT teams to enhance security posture and compliance with industry standards.
Senior Security Practitioner – Product Engineering
Applied Security Researcher working on product AI team for cybersecurity. Building use cases, generating threat data, and testing AI models for security operations.
Director, Infrastructure – Information Security
Practice Leader responsible for Infrastructure & Information Security Practice within Core Education. Leading teams and managing operations to enhance partner college experiences.
Senior Information Security
Information Security Senior driving security-related initiatives for Salesforce Government Cloud Division. Collaborating with stakeholders to ensure compliance and enhance security measures.