icon
Home icon

Home

Jobs icon

Jobs

Reviews icon

Reviews

Network icon

Network

Resources icon

Resources

|For Employers icon

For Employers

logo
    about
    careers
    FAQs
    privacy policyterms & conditionsfor employers
112k
20k
icon
© 2022 Fairygodboss. All rights reserved.
    My ProfileMy MessagesMy NetworkMy SettingsGroupsEventsMy PostsLog Out

Security Engineering Specialist

company-logo

Northwestern Mutual – Corporate Careers

4.5

Multiple Locations

Why you should apply for a job with Northwestern Mutual – Corporate Careers:

  • Northwestern Mutual – Corporate Careers is on FGB’s Best Finance Companies for Women of 2021.

  • FGB'ers gave this company a 4.5/5 in overall job satisfaction

  • FGB’ers working at Northwestern Mutual – Corporate Careers rated their manager’s support a 4.6/5

  • A concierge service that will tackle your personal "to-do" list, such as running errands, organizing vacations, and scheduling services.

  • 12 weeks of paid parental leave along with programs that support family planning services.

  • Strong commitment to philanthropy evidenced by the NWM Foundation and each employee receiving 16 paid hours annually for volunteering.

FGB'ers' job reviews

73%
Say women are treated fairly and equally to men
83%
Would recommend to other women
86%
Say the CEO supports gender diversity

#33138

Position summary

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

What’s the role?
As a Security Engineering Specialist, partner with both the Business and Software Engineering organizations to assist them with information protection, cybersecurity, and privacy related risks. Help them navigate through the various risk and cybersecurity assessment processes, prioritize and establish plans to address findings, generate threat models, mitigate security vulnerabilities and participate in risk treatment conversations in different stages of the development lifecycle.

  • We provide ongoing assessment and monitoring of security controls for an assigned portfolio of applications maintaining compliance with policies, standards, and regulations to maintain a secure state in the production environment
  • Provide domain expertise for the information risk management program including evaluating vendor security, cloud platform security, application security (i.e. SAST, DAST), cybersecurity regulations, advising on purchase recommendations and consulting on risk treatment options to ensure effective risk management within organizational risk tolerance
  • Partner with business and engineering teams to understand business priorities, articulate risk and treatment options, complete threat models, coordinate penetration tests, facilitate the remediation of security findings and integrate security into the systems development lifecycle
  • Monitor and consult on treatment of higher-risk application vulnerabilities ensuring an ongoing strong security posture
  • Operate and improve processes, metrics and reporting leveraging experience with automation tools or coding/scripting (e.g. Ansible, Terraform, Python, Java/JavaScript, Powershell, PowerBI)
  • Establish a continual learning plan to stay ahead of technology, the latest security threats, vulnerabilities and secure coding practices
  • Bring strong familiarity with NIST, OWASP and security maturity frameworks (i.e. OpenSAMM, BSIMM) secure software development lifecycle, cybersecurity regulations and GRC tools
  • Provide monitoring and response to key performance metrics and reporting to effectively address changes in security priorities

Our tech stack:

  • Amazon Web Services (AWS) Cloud
  • Microservice / Micro-architectures
  • Automation tools or coding/scripting (i.e. Ansible, Terraform, Python, Java/JavaScript, PowerShell)
  • Architecture Diagrams / Data Flow Diagrams / Threat Models
  • Application Security – SAST, DAST, Continuous Delivery / Continuous Integrations
  • Risk Management (Identity and Access, Data Encryption, Incident Response, Logging and Monitoring, Vulnerability Management)
  • NIST, OWASP, security maturity frameworks (i.e. OpenSAMM, BSIMM), secure software development lifecycle, cybersecurity regulations, GRC tools

Bring Your Best! What this role needs:

In this mid-level role, bring a strong appreciation and skill in partnering with leaders as well as developers, ability to understand, follow risk management processes, practices and documentation needs, ability to balance risk issues with business priorities to drive mutually agreeable timelines for remediation.

  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS, Cybersecurity or related field
  • 3-5 years of professional experience in information technology, specifically software development , risk and security controls assessments or audit with demonstrated knowledge in technology and software engineering
  • Experience with coding/scripting with Java/JavaScript, PowerShell, Python, Ansible, Terraform
  • Flexibility to adjust to changing business needs by effectively managing and prioritizing concurrent assignments through effective time management, prioritization, and follow-through
  • Ability to identify and independently resolve critical issues
  • Ability to develop and use relationships to effectively influence and negotiate with internal and external partners
  • Excellent written and verbal communication skills focused on articulating risk and security concepts in both technical and business terms
  • One or more advanced risk or security certifications (e.g. CISSP, CCSP, CEH, CRISC, CISA, CISM) or willingness to achieve within first year

Benefits:

  • Whip-smart team that is very friendly and always willing to lend a hand
  • Tons of room for career growth, learning and development
  • Highly competitive salary
  • Amazing Benefits

#LI-POST

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.

About the company

141589

Northwestern Mutual – Corporate Careers

Industry: Finance: Life

Northwestern Mutual is here for what’s most important—helping families and businesses achieve financial security for over 160 years. For our clients we offer a distinctive big-picture approach, including both insurance and investments, we’re helping people navigate life and guide them to their goals today, and in the days to come. We combine the expertise of our financial professionals with ...

icon
© 2022 Fairygodboss. All rights reserved.
  • about
  • careers
  • FAQs
  • privacy policy
  • terms & conditions
112k
20k