Application Security Engineer

Pennymac (NYSE: PFSI) is a specialty financial services firm focused on mortgage production and servicing. Our people are the foundation of our success, working towards helping Americans achieve homeownership.

The Application Security Engineer will join our Information Security team, collaborating with development, product teams, and stakeholders. Responsibilities include integrating security into the product lifecycle, emphasizing cloud environments, secure coding, vulnerability management, attack surface reduction, and DevOps practices. The role requires managing security across applications, CI/CD pipelines, IaC, and conducting risk assessments, with a focus on AWS and some GCP, Linux, and Windows systems. Proficiency in scripting (BASH/PowerShell) and understanding multiple programming languages are essential.

1. Work with product teams to ensure secure coding practices throughout SDLC.
2. Implement security platforms like DAST, SAST, SCA, CSPM.
3. Provide expertise in application security, threat modeling, and secure coding.
4. Perform code analysis and security reviews across languages such as Ruby, Python, Bash, TypeScript, Java, JavaScript, C++, Go.
5. Automate security processes with scripting.
6. Stay updated on security threats and technologies.
7. Build relationships with development teams to promote security culture.
8. Support cybersecurity incident responses.
9. Configure security for serverless and containerized applications.
10. Collaborate across teams to develop secure systems.
11. Lead security best practices and standards implementation.
12. Support secure development standards and governance.
13. Conduct threat modeling, risk assessments, and security testing.
14. Maintain open communication to integrate security early in projects.
15. Mentor junior staff in DevSecOps and security practices.

• 2+ years in Cyber Security.
• 3+ years in programming/scripting.
• Experience with Gitlab, Azure DevOps, AWS, and security controls.
• Knowledge of secure configuration management, SAST, DAST, penetration testing, and multiple programming languages.
• Strong problem-solving and communication skills.
• Ability to work independently and continuously improve processes.

Join Pennymac, a top mortgage lender committed to sustainable growth and an inclusive environment. We offer comprehensive benefits such as medical, dental, vision, paid time off, wellness programs, 401k, and more. Learn more about our benefits here.

Salary range: $95,000 - $155,000. This role is REMOTE.