Application Security Engineer

University of Minnesota • United States
AI Summary

Join the University Information Security department as an experienced Application Security Engineer. Lead key application security initiatives, implement and optimize DAST and SAST tools, and automate security testing. Collaborate with development teams to identify risks and prioritize vulnerabilities.

Key Highlights
Lead application security initiatives
Implement and optimize DAST and SAST tools
Collaborate with development teams to identify risks
Key Responsibilities
Lead the implementation and optimization of DAST and SAST tools
Analyze scan results, prioritize vulnerabilities, coordinate remediation efforts with development teams
Automate security testing to ensure it is a seamless part of the development lifecycle
Technical Skills Required
DAST; SAST; CI/CD integration; OWASP Top 10; web/network protocols; HTTP/S; TCP/IP; programming proficiency in Java, Python, or JavaScript; BurpSuite Professional; OWASP ZAP; Acunetix; Black Duck
Benefits & Perks
Salary: $100,000 - $115,000
22 paid vacation days per year
Wellbeing program with opportunity to earn lower health care rates
Employee Assistance Program with eight sessions of counseling at no cost
Employee Transit Pass with free or reduced rates in the Twin Cities metro area
Nice to Have
Experience leading multi-departmental projects
Experience working with developers and DevOps teams in a collaborative environment

Job Description


About The Job

Recruitment Title: Application Security Engineer

Job Classification: 9703SG

Job Classification Code: IT Pro 3 - Security Operations

Supervisor: Chris Herdt

Area: University Information Security

Salary: $100,000 - $115,000

Please note, we are not offering H-1B or Green Card sponsorship for this position.

The University of Minnesota is committed to fostering local talent through employment opportunities. While this position utilizes a hybrid modality, prospective applicants must be located either in the state of Minnesota or near the Wisconsin border or otherwise open to relocation.

At the University of Minnesota, we are dedicated to changing lives through education, research, and outreach. The University Information Security department (UIS) offers a diverse environment of trust, collaboration, and mission-focused work. We seek an experienced Application Security Engineer to join the UIS team to lead key application security initiatives.

The ideal candidate will be a self-starter who can oversee web application security projects in a diverse and decentralized environment. This role requires a solid technical background, specifically with DAST/SAST tools and CI/CD integration, along with the ability to build collaborative relationships with developers and IT staff. The role will need the ability to analyze technical challenges, contribute to security processes, and partner with internal training and awareness analysts to foster a proactive security culture through developer training and guidance.

We Offer

  • University paid contribution (10% of your salary) to your retirement account - vested immediately.
  • 22 paid vacation days per year, in addition to sick leave and 12 paid holidays.
  • Reduced tuition opportunities covering 75% - 100% of eligible tuition.
  • Excellent and affordable health care benefits (2023 Enrollment Guide).
  • Wellbeing program with opportunity to earn lower health care rates.
  • Free disability insurance and employer-paid life insurance.
  • Public Service Loan Forgiveness (PSLF) opportunity.
  • Financial counseling services.
  • Employee Assistance Program with eight sessions of counseling at no cost.
  • Employee Transit Pass with free or reduced rates in the Twin Cities metro area.
  • Annual merit increase program.

Job Responsibilities

  • Lead the implementation and optimization of DAST and SAST tools to scan university web applications.
  • Analyze scan results, prioritize vulnerabilities, coordinate remediation efforts with development teams, and advise on secure coding alternatives.
  • Automate security testing to ensure it is a seamless part of the development lifecycle.
  • Act as a subject matter expert in integrating security controls into CI/CD pipelines.
  • Define baseline scanning policies and metrics to measure the health of the University’s application risk posture.
  • Lead threat modeling exercises with development teams to identify risks early in the design phase.
  • Analyze complex security threats and automate or streamline response processes.
  • Act as subject matter expert for application security related concepts and technologies.
  • Collaborate with the security awareness team to design and deliver targeted training for developers.
  • Support security operations efforts related to application vulnerabilities.
  • Keep current on information security technologies and the evolving threat environment.
  • Other duties as assigned.

Qualifications

Please document qualifications on resume.

Required Qualifications

  • BA/BS plus at least four years of relevant experience, or master’s degree plus at least two years of experience.
  • Deep understanding of the OWASP Top 10, web/network protocols (HTTP/S, TCP/IP), and programming proficiency in at least one major language (e.g., Java, Python, JavaScript).
  • Demonstrated proficiency with industry-standard security tools such as BurpSuite Professional, OWASP ZAP, Acunetix, or Black Duck.
  • Experience integrating security controls into CI/CD pipelines.
  • Demonstrated ability to translate complex technical vulnerabilities into actionable business risks for both technical and non-technical stakeholders.
  • Ability to maintain confidentiality when dealing with sensitive information.
  • Ability to work independently and as part of a team.

Preferred Qualifications

  • Experience leading multi-departmental projects and a self-motivated, technically curious approach to problem-solving.
  • Experience working with developers and DevOps teams in a collaborative environment.
  • Experience developing custom integrations with REST API services and cloud-native security controls.
  • Familiarity with compliance frameworks common in higher education, such as NIST 800-171, HIPAA, or GLBA.
  • Relevant certifications such as GWAPT, OSWE, or CSSLP.

Pay And Benefits

Pay Range: $100,000 - $115,000, depending on education/qualifications/experience

Time Appointment: 100% Appointment

Position Type: P&A Staff

Please visit the Office of Human Resources website for more information regarding benefit eligibility.

The University Offers a Comprehensive Benefits Package That Includes

  • Competitive wages, paid holidays, and generous time off
  • Continuous learning opportunities through professional training and degree-seeking programs supported by the Regents Tuition Benefit Program
  • Low-cost medical, dental, and pharmacy plans
  • Healthcare and dependent care flexible spending accounts
  • University HSA contributions
  • Disability and employer-paid life insurance
  • Employee wellbeing program
  • Excellent retirement plans with employer contribution
  • Public Service Loan Forgiveness (PSLF) opportunity
  • Financial counseling services
  • Employee Assistance Program with eight sessions of counseling at no cost
  • Employee Transit Pass with free or reduced rates in the Twin Cities metro area

While our salary ranges provide a framework, it is important to note that most of the time, the initial pay may not reach the maximum of the range. This approach ensures that compensation reflects the value and unique contributions of each candidate while maintaining equity within our organization. As part of our commitment to fair and equitable compensation, please be aware that the salary offered to incoming candidates will be based on their individual credentials and experience.

How To Apply

Applications must be submitted online. To be considered for this position, please click the Apply button and follow the instructions. You will be given the opportunity to complete an online application for the position and attach a cover letter and resume.

Additional documents may be attached after application by accessing your "My Job Applications" page and uploading documents in the "My Cover Letters and Attachments" section.

To request an accommodation during the application process, please e-mail employ@umn.edu or call (612) 624-8647.

Diversity

The University recognizes and values the importance of diversity and inclusion in enriching the employment experience of its employees and in supporting the academic mission. The University is committed to attracting and retaining employees with varying identities and backgrounds.

The University of Minnesota provides equal access to and opportunity in its programs, facilities, and employment without regard to race, color, creed, religion, national origin, gender, age, marital status, disability, public assistance status, veteran status, sexual orientation, gender identity, or gender expression. To learn more about diversity at the U: http://diversity.umn.edu

Employment Requirements

Any offer of employment is contingent upon the successful completion of a background check. Our presumption is that prospective employees are eligible to work here. Criminal convictions do not automatically disqualify finalists from employment.

About The U Of M

The University of Minnesota, Twin Cities (UMTC)

The University of Minnesota, Twin Cities (UMTC), is among the largest public research universities in the country, offering undergraduate, graduate, and professional students a multitude of opportunities for study and research. Located at the heart of one of the nation's most vibrant, diverse metropolitan communities, students on the campuses in Minneapolis and St. Paul benefit from extensive partnerships with world-renowned health centers, international corporations, government agencies, and arts, nonprofit, and public service organizations.

At the University of Minnesota, we are proud to be recognized by the Star Tribune as a Top Workplace for 2021, as well as by Forbes as Best Employers for Women and one of America’s Best Employers (2015, 2018, 2019, 2023), Best Employer for Diversity (2019, 2020), Best Employer for New Grads (2018, 2019), and Best Employer by State (2019, 2022).
