Senior Application Security Engineer

Job title : Senior Application Security Engineer

Corporate Title : Vice President

Department : Risk Management

Location : New York

The pay range for this position at commencement of employment is expected to be between $145,000 and $175,00 / / year

Company overview

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions : Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

Aon's Benefit Index®, Nomura's benefits rank #1 amongst our competitors

Department overview :

Nomura has a robust global Information Security department, members of which are located in all of its major regions, namely Japan, Americas, India, Asia Excluding Japan (AeJ) and EMEA. This role will report directly to the Application Security Lead in New York.

Role Overview

We are looking for a talented and experienced professional to join our team as Senior Application Security Engineer with specific focus on DevSecOps, Dynamic Application Security Testing (DAST, UAT), and related activities. In this role, you will part of a team leading the design, development, and implementation of robust and scalable application security solutions to protect Nomura's critical assets. This role is technical and hands-on and requires a deep understanding of application security practices (SAST, SCA, DAST) and generally the secure software development lifecycle (SDLC). It requires the development and implementation of processes, policies, standards, and solutions in collaboration with the Global Heads of Information Security and key stakeholders (e.g., Technology, business, legal, HR, compliance). You will play a key role in shaping our information security strategy and ensuring the resilience and effectiveness of application security solutions.

Key Responsibilities

• Drive innovation in DevSecOps security automation across a global enterprise environment, implementing cutting-edge solutions and best practices
• Build out and maintain robust Dynamic Application Security Testing Practice, including
• Manage and Deploy our DAST tool
• Support onboarding and scanning of business applications and related processes
• Validate scans and risk-assess findings (triage, attribution)
• Read out findings to developers and advice on remediation
• Lead strategic partnerships with Application Security development teams to :
• Drive adoption of security best practices
• Implement robust security practices throughout the application lifecycle
• Establish security-first development methodologies
• Foster collaborative relationships with key stakeholders to ensure :
• Alignment with industry security standards
• Compliance with regulatory requirements
• Implementation of robust security frameworks
• Adherence to governance protocols

Skills, experience, qualifications and knowledge required

If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department / team performance, and market factors".

Nomura is an Equal Opportunity Employer