Founded in 1908, CIT (NYSE: CIT) is a leading national bank empowering businesses and personal savers with the financial agility to navigate their goals. We believe in helping customers turn their ideas into outcomes. Whether those customers are building a business or building their savings, CIT has the experience and agility to empower them to achieve their goals. At CIT, how we do business is just as important as what we do. Our social responsibility programs focus on driving financial and personal empowerment, supporting the environment and advancing wellness. CIT contributes to communities where we live, work and do business through charitable donations, community investments and employee volunteerism.
The Application Security Engineer is a hands-on, first line role responsible for evaluating and enforcing security across the Secure Software Development Life Cycle (SDLC). The Application Security Engineer will conduct code reviews and assess/remediate issues stemming from application security scans using various tools. The position will work closely with IT Development implementing, executing and improving the security of CiT developed applications that could lead to negative operational, reputational, and/or financial impact. The ideal candidate will have solid experience operating a risk-based penetration testing program, conducting both manual and automated penetration tests to improve application security and effecitvely communicating flaws to management as part of risk metrics reporting.
Key terms: Application security engineering, OWASP, static/dynamic analysis, penetration testing and tools, defensive programming, application security training, malware techniques and defenses.