Senior Application Security and DevSecOps Specialist

Senior Member Technical

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you’re passionate about developing your career, while helping others along the way, come join the Broadridge team.

Role and responsibilities include:  

• Conduct regular security assessments (SAST/SCA/DAST) utilizing both automated and manual methods to identify security vulnerabilities 

• Responsible for assessing the risk of the found vulnerabilities as per Broadridge Security Standards and documenting them with proper proof of concepts, as necessary 

• Perform security design and architectural reviews for new and existing applications to ensure they meet security standards and best practices. 

• Collaborate with technical teams and business stakeholders to provide expert advice on vulnerability remediation strategies and best practices. 

• Assess risks reported in the vulnerability assessment results and other security related data, and prioritize remediation actionsIntegrate security practices into the CI/CD pipeline to identify and address vulnerabilities early in the development cycle and maintain the tooling in the CICD pipeline 

• Conduct regular security group reviews. 

• Identify and implement automation opportunities within security testing and review processes to enhance efficiency and effectiveness. 

• Awareness of working and adapting to Agile environment 

Skill Requirements:  

• A bachelor’s or higher degree in Computer Science, Computer Engineering, or similar discipline.  

• Minimum 6 years of hands-on experience in application security and 2 years in DevSecOps, and extensive knowledge in any one of the object-oriented programming languages.  

• Strong Information Security technical skills and knowledge to identify, research and understand security control gaps and program compliance issues 

• Strong web application security experience with thorough understanding of web application vulnerabilities and secure coding practices  

• Demonstrated experience in performing threat modeling, security architecture review, and vulnerability assessment on applications and infrastructure 

• Deep understanding of OWASP methodologies for web, API, mobile, CI/CD, and LLM. 

• Knowledge in Cloud(AWS, Azure) Architecture 

• Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI) and their integration with security tools. 

• Understanding of Security Policies, Procedures, Audit, and Compliance requirements 

• Skills in Terraform/Chef/Python/Perl/Ruby is desired 

• Superior ability to effectively communicate security concepts, threats, controls, and mitigation/remediation to application teams and audiences not familiar with such topics 

Soft Skills: 

• Excellent communication and presentation skills 

• Ability to work collaboratively and build consensus is essential 

• Ability to manage multiple priorities effectively. 

• Strong analytical and problem-solving skills with attention to detail. 

• Willingness and capability to self-learn 

Good to Have:  

• Experience in conducting infrastructure vulnerability scans, analysis of scan results, and vulnerability triage.  

• Experience in assessing and enhancing security of cloud-based environments and services. 

• Experience in AWS security involving tools and process 

• Experience in container/Kubernetes security  

• Active participation in the security communities and groups 

• Demonstrated commitment to staying up to date with emerging security threats and technologies. 

• Hold at least one applicable industry certification; CEH, CISSP, OSCP, CISM, Cloud Security etc.  

We are dedicated to fostering a collaborative, engaging, and inclusive environment and are committed to providing a workplace that empowers associates to be authentic and bring their best to work. We believe that associates do their best when they feel safe, understood, and valued, and we work diligently and collaboratively to ensure Broadridge is a company—and ultimately a community—that recognizes and celebrates everyone’s unique perspective. 

Use of AI in Hiring 

As part of the recruiting process, Broadridge may use technology, including artificial intelligence (AI)-based tools, to help review and evaluate applications. These tools are used only to support our recruiters and hiring managers, and all employment decisions include human review to ensure fairness, accuracy, and compliance with applicable laws. Please note that honesty and transparency are critical to our hiring process. Any attempt to falsify, misrepresent, or disguise information in an application, resume, assessment, or interview will result in disqualification from consideration.

Experience Level

Senior Level