Lead Application Security Engineer

| Los Angeles, CA, USA | Remote | Hybrid
Employer Provided Salary: $110,000-$170,000 Annually
Salary data is provided by the employer. Please note this is not a guarantee of compensation.
Sorry, this job was removed at 1:05 p.m. (PST) on Thursday, March 7, 2024
Find out who's hiring in Greater LA Area.
See all Cybersecurity + IT jobs in Greater LA Area
By clicking Apply Now you agree to share your profile information with the hiring company.

Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U.S. mortgage loans and the management of investments related to the U.S. mortgage market.
At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey.
A Typical Day
The Lead Application Security Engineer will work closely with development teams, product teams and other development stakeholders across the organization to integrate security into the product lifecycle from design through deployment. The Lead Application Security Engineer role is responsible for the implementation of measures to ensure the security of Pennymac's software systems, applications, code, and related components.
The Lead Application Security Engineer will:

  • Provide subject matter expertise on application security domains including secure coding practices, continuous integration and continuous deployment, and threat modeling.
  • Assist in conducting security assessments and penetration testing on web applications, where applicable.
  • Work with product teams throughout the entire SDLC to ensure code is secure by design, secure by default, and secure in deployment and communication.
  • Work alongside cybersecurity systems to monitor and protect serverless and container based computing applications.
  • Work cross-functionally with DevOps, application development, database, and infrastructure teams to develop and maintain complex systems that involve integration across in-house developed, COTS, and open-source components.
  • Establish oneself as a trusted security advisor leading the design, definition and implementation of security best practices and standards and ensure product development teams integrate them into their development workflow.
  • Perform application code analysis reviews using SAST, DAST, and SCA scanning capabilities.
  • Support the establishment, implementation, and governance of secure development standards and security baseline requirements.
  • Drive threat modeling, risk assessment, penetration test findings analysis, and security technology assessments.
  • Maintains an open communication channel with operations, development, and product teams to ensure security is integrated early and is working to solve business needs.
  • Mentor developers to further understand Application Security, and Information Security may also conduct security training for development teams.
  • Build relationships with development teams to foster an inclusive culture.

What You'll Bring

  • Approximately 4+ years of experience in programming and/or scripting languages.
  • Ability or aptitude to operate within Gitlab and Azure DevOps source code and CI/CD technology stacks.
  • Experience dealing with secure network and system design in Amazon Web Services (AWS)
  • Expert understanding of secure configuration management and security controls.
  • Experience reviewing SAST, DAST, penetration test, and SCA results and providing remediation recommendations.
  • Capable of architecting, engineering, and operationalizing application security technologies through plan, development, build, test, release, deploy, operate, and monitor phases of the SDLC.
  • Experience in developing and/or reviewing secure development standards that incorporate regulatory and industry best practices.
  • Desired experience with Web Penetration Testing tools, such as Burp, for validation of security requirements.
  • Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills.
  • Must have a mindset of continuous improvement of people, processes and technology.
  • Leadership mentality and the ability to work independently.

Why You Should Join
As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do.
Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported.
Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include:

  • Comprehensive Medical, Dental, and Vision
  • Paid Time Off Programs including vacation, holidays, illness, and parental leave
  • Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations)
  • Retirement benefits, life insurance, 401k match, and tuition reimbursement
  • Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships

To learn more about our benefits visit: https://pennymacnews.page.link/benefits
Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below:

  • Lower in range - Building skills and experience in the role
  • Mid-range - Experience and skills align with proficiency in the role
  • Higher in range - Experience and skills add value above typical requirements of the role

Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance.
$110,000 - $170,000
Work Model

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.


We’re a national company with Tech hubs in Raleigh, NC; Plano, TX; Phoenix, AZ; Moorpark, CA, and remote workers in many states. Our Tech headquarters in Agoura Hills, CA is just miles away from Malibu Beach, nestled in the quiet hills, with access to excellent restaurants and great hiking trails.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about PennymacFind similar jobs