H&R Block is seeking a Senior Security Engineer to ensure the security of its products throughout their lifecycle. The role involves risk assessment, implementing secure development practices, and collaborating with cross-functional teams to integrate security into the Software Development Lifecycle
Job Summary
The Senior Application Security Engineer ensures the security of products throughout their lifecycle by consulting with stakeholders and implementing best practices.
This role involves performing threat modeling, vulnerability assessments, and integrating security tools into CI/CD pipelines to automate protection.
Candidates must have strong expertise in Python, React, and Django while ensuring compliance with industry standards like AICPA SOC2 and NIST CSF.
Matching Summary
Match Score: 85
H&R Block is seeking a Senior Security Engineer to ensure the security of its products throughout their lifecycle. The role involves risk assessment, implementing secure development practices, and collaborating with cross-functional teams to integrate security into the Software Development Lifecycle.
Skills & Requirements
Must-have
5+ years application security experience
Threat modeling methodologies STRIDE MITRE ATT&CK
AWS Azure cloud security services
CI/CD pipeline SAST DAST SCA integration
Python React Django Rest Framework fluency
Manual source code review and penetration testing
Compliance with SOC2 HIPAA PCI DSS SOX
Nice-to-have
IoT embedded systems or mobile app security
Experience mentoring engineering teams
Knowledge of GDPR regulatory standards
Strong communication and interpersonal skills
Ability to work independently in remote setting
Key Requirements
Bachelor's degree in Computer Science or related field
5+ years of experience in an application security role
Fluency in Python, React, and Django Rest Framework
Experience with AWS, MS Azure, and orchestration tools
Certifications such as CISSP, CSSLP, or CEH preferred