Please Enable Cookies to Continue Please enable cookies in your browser to experience all the personalized features of this site, including the ability to apply for a job. Returning Candidate? AVP, Application Security Engineer Location US-NC-Charlotte
Job ID 32875
# Positions 1
Job Family Information Technology - IT Engineering
CIT is a leading national bank focused on empowering businesses and personal savers with the financial agility to navigate their goals. CIT Group Inc. (NYSE: CIT) is a financial holding company with over a century of experience and operates a principal bank subsidiary, CIT Bank, N.A. (Member FDIC, Equal Housing Lender). The company's commercial banking segment includes commercial financing, community association banking, middle market banking, equipment and vendor financing, factoring, railcar financing, treasury and payments services, and capital markets and asset management. CIT's consumer banking segment includes a national direct bank and regional branch network. Discover more at .
The Application Security Engineer is responsible for evaluating and enforcing security across the Secure Software Development Life Cycle (SDLC). The Application Security Engineer will conduct code reviews and assess/remediate issues stemming from application security scans using various tools. The position will work closely with IT Development teams implementing, executing and improving security of internally developed applications that could lead to negative operational, reputational, and/or financial impact to CIT.
- Knowledge of Software Development Life Cycle.
- Ability to identify security vulnerabilities from source code reviews/testing and provide security guidance to development teams.
- Strong knowledge of Open Web Application Security Project (OWASP).
- Strong knowledge of common application security vulnerabilities e.g., XSS, CSRF, SQL injection, input/output validation, etc.) and how to engineer software to avoid them.
- Expertise in application security testing, static and dynamic analysis.
- Prior Experience in programming in one or more server-side technologies ideal e.g., ASP.NET
- Experience with penetration testing methods and tools.
- Familiarity with web application firewalls.
- Critical thinker with demonstrated problem solving skills.
- Demonstrated ability to prioritize and successfully manage competing work assignments in a time sensitive environment.
- A high degree of initiative required with the ability to work independently or as part of a team.
- High level of personal integrity, and the ability to professionally handle confidential matters and project the appropriate level of urgency, judgment and maturity.
Options Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed
CIT is committed to Equal Employment Opportunity. It is the policy of CIT to provide equal employment opportunities to all qualified applicants without regard to their race or perceived race (including traits historically associated with race, such as hair texture and protective hairstyles), color, national origin, nationality, ancestry, citizenship, immigration status, age), sex (including pregnancy, lactation, childbirth or related medical conditions), actual or perceived gender, gender identity, gender expression or transgender (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the gender with which they identify), religion, creed, marital status, family status, domestic partnership or civil union status, affectional or sexual orientation, atypical hereditary cellular or blood trait, genetic information or predisposition or carrier status (including testing and characteristics), status as a victim of domestic violence, actual or perceived status as a caregiver,military service protected veteran status, mental or physical disability, perceived disability, record of disability, medical condition, AIDS and HIV status, or any other protected characteristic established by applicable federal, state, or local laws. If you would like more information about your EEO rights as an applicant under the law, please click here: