Sr. Application Security Engineer

Are you curious to learn? Are you interested in working on meaningful projects? Do you want to work with cutting-edge technology? Are you interested in being part of a team that is working to transform and do things differently? If so, LPL Financial is the place for you!

Job Overview:

As a member of the Information Security team, the Sr. Application Security Engineer will be responsible for helping to develop, mature, and sustain the Application Security program for the company. Application Security is a top area of focus at LPL. We have incorporated key industry security best practices, technologies and integrated processes to further strengthen our defense posture. This is an exciting time to join the Information Security Vulnerability Management team as we are continuing to expand the Application Security program.

Responsibilities:

• Perform as an application security SME in the following areas: Web Applications, Mobile Applications, Databases, APIs, Containers and other domains.
• Support and maintain application security testing platforms and develop integrations with automation platforms
• Work with Application Development teams to review potential false-positive scan results and evaluate proposed mitigating factors
• Produce and track application security metrics
• Support the secure development and testing of critical Advisor and Investor LPL applications
• Mentor and educate product development and quality engineers on secure development and security best practices
• Monitor and review CVEs, industry developments, and provide inputs for continuous improvement
• Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects
  
  
  

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 5 years of application security experience
• 5 years of experience performing manual testing of APIs and web applications to identify/validate vulnerabilities.
• 5 years of experience developing and maintaining enterprise security libraries, components, best practices checklists.
• 5 years of experience performing application security risk evaluation, partnering with key stakeholders to further enhance application security CI/CD pipeline and continually assess security posture for improvement.
• 5 years of experience creating and maintaining scan profiles for performing static, authenticated dynamic, IAST, and 3rd party library automated analysis with application scanning tools
• 5 years of experience with reviewing and analyzing vulnerability scan results and tracking closure of vulnerabilities
  
  
  

Core Competencies:

• Understanding of OWASP Top 10 Critical Web Application Security Risks, their identification, and architecture, design, coding patterns to mitigate them
• Knowledge of secure coding best practices, secure SDLC, secure architecture, and DevSecOps methodologies
• Strong analytical, interpersonal and communication skills
  
  
  

Preferences:

• Bachelor’s Degree or equivalent in Information Security, Engineering or Computer Science.
• Application development and Security Engineering or Security Architecture experience
• Experience using Application Security Code Scanning Tools such as Synopsys, BlackDuck, J-Frog, PrismaCloud, API scanners as well as manual tools such as Burpsuite and Postman
• Experience working with security of applications developed in C#, Java, and web (HTML, CSS, JS, React, Angular, REST) technologies
• Experience working with DevSecOps and CI/CD pipelines
  
  
  

Pay Range:

$97,725-$162,875/year

Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!

Company Overview:

LPL Financial Holdings Inc. (Nasdaq: LPLA) was founded on the principle that the firm should work for advisors and institutions, and not the other way around. Today, LPL is a leader in the markets we serve, serving more than 23,000 financial advisors, including advisors at approximately 1,000 institutions and at approximately 580 registered investment advisor ("RIA") firms nationwide. We are steadfast in our commitment to the advisor-mediated model and the belief that Americans deserve access to personalized guidance from a financial professional.

At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.

Join LPL Financial: Where Your Potential Meets Opportunity

At LPL Financial, we believe that everyone deserves objective financial guidance. As the nation’s leading independent broker-dealer, we offer an integrated platform of cutting-edge technology, brokerage, and investment advisor services.

Why LPL?

• Innovative Environment: We foster creativity and growth, providing a supportive and responsive leadership team. Learn more about our leadership team here!
• Limitless Career Potential: Your career at LPL has no limits, only amazing potential. Learn more about our careers here!
• Unified Mission: We are one team on one mission—taking care of our advisors so they can take care of their clients. Learn more about our mission and values here!
• Impactful Work: Our size is just right for you to make a real impact. Learn more here!
• Commitment to Equality: We support workplace equality and embrace diverse perspectives and backgrounds. Learn more here!
• Community Focus: We care for our communities and encourage our employees to do the same. Learn more here!
• Benefits and Total Rewards: Our Total Rewards package goes beyond just compensation and insurance. It includes a mix of traditional and unique benefits, perks, and resources designed to enhance your life both at work and at home. Learn more here!
  
  
  

Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.

Information on Interviews:

LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card. Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (855) 575-6947.

EAC1.22.25