Senior Application Security Engineer

Job Description

Senior Application Security Engineer

(Draper, Utah In-Office)

As a Senior Application Security Engineer for Upbound Group, you will work to support the various processes and procedures related to application security and gather information from product engineering teams related to these activities. You will make a difference in promoting a culture of security inside the engineering organization and work with engineers to produce more secure applications. You will work to both collect and disseminate information throughout the business to ensure processes and procedures are operating efficiently and effectively. You will support the developers in their efforts to secure our applications and assist in the documentation and tracking of various application security and cloud.

About Upbound

Upbound Group, Inc. (effective February 27, 2023 : NASDAQ : UPBD) is an omni-channel platform company committed to elevating financial opportunity for all through innovative, inclusive, and technology-driven financial solutions that address the evolving needs and aspirations of consumers. The Company’s customer-facing operating units include industry-leading brands such as Rent-A-Center and Acima that facilitate consumer transactions across a wide range of store-based and digital retail channels, including over 2,400 company branded retail units across the United States, Mexico and Puerto Rico. Upbound Group, Inc. is headquartered in Plano, Texas. Acima is headquartered in Draper Utah.

What You Will Do

• Collaborate with engineers, consultants, and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC)
• Build automated code scanning tools to identify security vulnerabilities in application code and infrastructure code using both open source and commercial tools Integrating open-source and / or commercial static application code scanning tools with the CI / CD Pipeline
• Enable secure-by-default best practices by developing libraries and frameworks to prevent future vulnerabilities
• Operate at enterprise scale by building and managing tools that help test, monitor, and improve application security
• Develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and educational materials
• Provide secure developer training to software engineers on how to write secure code and follow best practices
• Conduct web app penetration testing, code scanning, dependency scanning that can be incorporated into SDLC process and CI / CD pipeline
• Work closely and together with the development team to provide guidance and mitigate security vulnerabilities
• Perform security architecture and design reviews of all systems and applications developed at Acima
• Provide a leadership role in the development, implementation and maintenance of consistent application and infrastructure architecture security programs

Qualifications

Benefits / Compensation

#LI-RF1