National Association of Mutual Insurance Companies
through a worldwide client-focused team. ÂDescription: An exciting opportunity has arisen for an Application Technology Auditor to join our growing team primarily focussed on technology supporting Finance and Risk & Compliance processes. The successful candidate will lead, as an Auditor-in-Charge, and execute the audit delivery lifecycle as a team member on audit assignments in accordance with Internal … FTP, NDM, MQ, etc.), application controls (SoD, edit/check validation, calculations, etc.), and output controls (C&A). Demonstrates understanding of businesses, processes, including applications, through flowcharting, workpapers, analysis, issue identification and discussions with project leaders and auditees on projects of varying complexity. Has strong understanding of audit, businesses, financial controls, regulations, or technology and actively seeks to … and colleagues in Audit to understand the underlying processes and procedures necessary to evaluate the risks and controls. Performs research independently and has adequate knowledge of statistical sampling and riskanalysis to perform research with technical accuracy. Engages in Continuous Monitoring activities. Uses knowledge of financial institutions and all applicable regulatory requirements. Demonstrates skills through advanced analysisMore ❯
through a worldwide client-focused team. Description: An exciting opportunity has arisen for an Application Technology Auditor to join our growing team primarily focussed on technology supporting Finance and Risk & Compliance processes. The successful candidate will lead, as an Auditor-in-Charge, and execute the audit delivery lifecycle as a team member on audit assignments in accordance with Internal … FTP, NDM, MQ, etc.), application controls (SoD, edit/check validation, calculations, etc.), and output controls (C&A). Demonstrates understanding of businesses, processes, including applications, through flowcharting, workpapers, analysis, issue identification and discussions with project leaders and auditees on projects of varying complexity. Has strong understanding of audit, businesses, financial controls, regulations, or technology and actively seeks to … and colleagues in Audit to understand the underlying processes and procedures necessary to evaluate the risks and controls. Performs research independently and has adequate knowledge of statistical sampling and riskanalysis to perform research with technical accuracy. Engages in Continuous Monitoring activities. Uses knowledge of financial institutions and all applicable regulatory requirements. Demonstrates skills through advanced analysisMore ❯
through a worldwide client-focused team. Description: An exciting opportunity has arisen for an Application Technology Auditor to join our growing team primarily focussed on technology supporting Finance and Risk & Compliance processes. The successful candidate will lead, as an Auditor-in-Charge, and execute the audit delivery lifecycle as a team member on audit assignments in accordance with Internal … FTP, NDM, MQ, etc.), application controls (SoD, edit/check validation, calculations, etc.), and output controls (C&A). Demonstrates understanding of businesses, processes, including applications, through flowcharting, workpapers, analysis, issue identification and discussions with project leaders and auditees on projects of varying complexity. Has strong understanding of audit, businesses, financial controls, regulations, or technology and actively seeks to … and colleagues in Audit to understand the underlying processes and procedures necessary to evaluate the risks and controls. Performs research independently and has adequate knowledge of statistical sampling and riskanalysis to perform research with technical accuracy. Engages in Continuous Monitoring activities. Uses knowledge of financial institutions and all applicable regulatory requirements. Demonstrates skills through advanced analysisMore ❯
Architect/Technical Lead is a key strategist responsible for spearheading the identification, shaping, and closure of high-impact business opportunities. They possess extensive expertise in technology, business requirements analysis, and solution architecture across a spectrum of domains. This role involves leading executive-level discussions to understand client needs and align efforts across multiple workstreams. The Lead Solution Architect … Government Engineers, Contractor Engineers, Contractor Operations staff, Management, and 3rd party vendors • Ensure timely delivery of all Engineering Service Requests, removing any obstacles to completing work as scheduled • Perform riskanalysis of each Engineering Service Request, and inform all stakeholders of the applicable risks • Develop, maintain, and execute project plan in support of the platform development and future … as part of the Project Initiation activities • Develop and provide briefings to customers management stakeholders • Provide meeting minutes documenting action items, milestones, and status • Report project risks along with risk mitigation recommendations • Be responsible for day-to-day management of project activities ensuring assigned tasks are completed and that all deliverables are of the highest quality • Develop and maintain More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities via static/dynamic analysis, manual review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime … Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies such as STRIDE and risk analysis. Experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant certifications such More ❯
threat modeling, secure coding, design reviews, and architecture assessments. Lead the integration of DevSecOps practices into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual review, and testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime protection. … Requirements: Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE and risk analysis. Hands-on experience with SAST/DAST/IAST tools such as Snyk, SonarQube, Burp Suite, Veracode, etc. Strong understanding of cloud platforms and modern architectures. Relevant certifications More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime … experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
including threat modeling, secure coding, design reviews, and architecture assessments. Lead DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies like STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST, DAST, IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant certifications such More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and runtime … Proven experience in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. Familiarity with threat modeling methodologies like STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modelling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
Office will serve as the design and development lead for the trade lifecycle commodity trading platform and other front office applications, including market data feeds, pricing models, real-time riskanalysis (e.g., scenario tools, VaR), and analytical platforms. They will set the direction and scope of the development backlog and drive the delivery of new or enhanced software … procedures, architecture and quality standards. Implement and optimize system functionalities to support commercial trading strategies and ensure compliance with regulatory requirements. Develop scalable solutions to enhance trade lifecycle management, riskanalysis, and transaction processing. Work closely with traders, risk managers, and compliance teams to gather technical requirements and deliver efficient, automated solutions. Build and refine APIs, data … Agile development teams Essential: Integrating and consuming market data feed APIs (e.g. Bloomberg, DataGenics etc.) Essential: Knowledge of Salesforce CRM & integration (Strongly preferred): Aspect scripting (Strongly preferred): Exploratory data analysis (Strongly preferred): Data Engineering - Azure Data Factory or Data Bricks (Preferred) Coding (working knowledge of Python) Commodities: Essential: 5+ years software development in a commodities or financial services firm More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
secure coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for code analysis and … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools like SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. Relevant More ❯
coding, design reviews, and architecture assessments. Lead the implementation of DevSecOps practices, integrating security into CI/CD pipelines. Identify and remediate application-level vulnerabilities through static/dynamic analysis, manual code review, and security testing. Collaborate with engineering and platform teams to secure APIs, microservices, and containerized workloads. Evaluate and implement security tools for secure code analysis … in application security architecture. Deep knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding best practices. Familiarity with threat modeling methodologies such as STRIDE and architectural risk analysis. Hands-on experience with tools such as SAST/DAST/IAST, Snyk, SonarQube, Burp Suite, Veracode, or similar. Strong understanding of cloud platforms and modern development architectures. More ❯
documentation for completeness and accuracy in accordance with federal and DoD policy. Thoroughly understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp … exchanges for data gathering, and collaborate with diverse audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, riskanalysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government More ❯
