Head of Application Security
Are you looking to work in a Fin Tech startup environment building cloud-based SaaS products?
BNY Mellon is creating a new client-facing business focused on data solutions to be led by dynamic, results-oriented business leaders. We are using state of the art tools and technologies to build cutting-edge solutions that will take our clients and the industry into the future - transforming the way business is done today.
We are looking for innovators, pathbreakers, unconventional minds who can challenge the norm, and are not just excited about creating the vision but equally passionate to bring that vision to life.
The Head of Application Security is a critical role within the Data & Analytics Business reporting to the Head of Technology of Eagle Investment Systems and high visibility to the Head of Asset Servicing and Head of Digital.
The business will be focused on:
- Offering a “Data Vault” solution that is a secure and flexible data store that ingests, tags, and tracks multi-format, multi-source data.
- Provide data/decision scientists a “Data Studio” to perform ad-hoc data wrangling, analytics and interpretation on large amounts of data within the vault to identify ways to differentiate in the market place (e.g., cost agility, intelligent automation, product rationalization & growth).
- Leveraging “Business Applications” to provide clients insights and analytics (e.g., pre/post trade performance and risk, investor analytics, custom indices).
Roles & Responsibilities
- Improve and manage the application security program and the business wide secure development standards. Communicate any vulnerabilities risks and remediation methods to business owners, developers and technical teams.
- Strong knowledge of building security into continuous integration and delivery (CI/CD) pipeline.
- Responsible for overall Cyber Security posture through security testing on applications using dynamic and static analysis tools and penetration testing for both internal / external managed services.
- Provide application security guidance and oversight across Security, Development & Operations teams.
- Influence the design and implementation of upcoming products and services with security by default mindset.
- Design and assess SaaS and PaaS cloud services and virtualization technologies, e.g. Amazon Web Services (AWS).
- Using a risk-based approach, advocate for and help prioritize remediation of security findings and develop / report metrics measuring the state of application security program.
Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred 15+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
*for more info you can contact firstname.lastname@example.org