Job Description

Overview:
Working in collaboration with development teams, the IT Application Security Engineer will define security controls in StoneX\xe2\x80\x99s software, identify and prioritize vulnerabilities in applications, databases, and related infrastructure components, provide resolution guidance to the development team, perform source code reviews, and conduct application security tests. This position will also be responsible for educating and mentoring developers on secure coding and application security best practices. Responsibilities:

• Participate in the implementation of the secure Software Development Life Cycle across all internally developed applications at StoneX

• Perform manual and automated security testing of StoneX applications
• Identify risks and areas of exposure in applications developed by StoneX
• Partner with various development teams and business units to resolve vulnerabilities.
• Integrate security tools into development teams CI/CD process.
• Educate developers on secure coding techniques and security best practices.

• Participate in development of security policies, standards, and processes.
• Read and understand security test reports. Provide advice in remediating vulnerabilities and following up with the risk mitigation
• Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.
• Build and maintain internal tools to streamline software development process to enhance productivity

• Participate in the implementation of the secure Software Development Life Cycle across all internally developed applications at StoneX

• Perform manual and automated security testing of StoneX applications
• Identify risks and areas of exposure in applications developed by StoneX
• Partner with various development teams and business units to resolve vulnerabilities.
• Integrate security tools into development teams CI/CD process.
• Educate developers on secure coding techniques and security best practices.

• Participate in development of security policies, standards, and processes.
• Read and understand security test reports. Provide advice in remediating vulnerabilities and following up with the risk mitigation
• Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.
• Build and maintain internal tools to streamline software development process to enhance productivity