Product Security Engineer II

Envestnet is seeking a passionate and talented Product Security Engineer to join our Information Technology team.

Envestnet, Inc. (NYSE: ENV) is transforming the way financial advice and wellness are delivered. Our mission is to empower advisors and financial service providers with innovative technology, solutions, and intelligence to make financial wellness a reality for everyone.

Since our founding 20 years ago, we are fully vested in helping people live an intelligent financial life. If you love the idea of working in a Fintech company with the environment and excitement of a start-up where you are making everyday impact – then read on.

Job Summary:

The Product Security Engineer ensures that the engineering teams they partner with are leveraging the product security tools and practices in their development lifecycle. You will be providing assistance with vulnerability identification and remediation. You will aid in developing solutions to sustain current practices and look for opportunities to provide stronger security in the development lifecycle of internally developed and externally acquired software. You will participate in code reviews, provide solutions for streamlining and automating tools, work with engineering teams to address security in the development lifecycle, and advance security practices in the organization.

Job Responsibilities:

  • Work hand in hand with the engineering partners in our organization to understand their development, build, and deployment pipeline in order to integrate a defined set of security tools and best practices.
  • Take the output from our security tools, and security testing practices to formulate a remediation and mitigation strategy with the engineering partners to reduce the overall risk of Envestnet.
  • Promote Product Security culture in our organization leveraging our internal learning platforms, forums, and collaboration channels.
  • Review requirements, architectures, designs, and code and provide guidance on security remediation, mitigation, requirements, and enhancements.
  • Develop automation and integrate tools and services in the Enterprise Security Organization.

Required Qualifications:

  • Experience with common web application vulnerabilities, such as the OWASP Top 10, Common Weakness Enumeration (CWE), and business logic flaws. Ability to explain vulnerabilities and weaknesses and discuss effective defensive techniques.
  • Bachelor’s degree in Information Security, Computer Science, or related field.
  • Minimum 3-5 years in a software development environment using Java, .NET, or similar language.
  • Minimum 3-5 years of secure product development experience
  • Practical experience setting up, configuring, and onboarding with security tools in the SDLC such as SAST, DAST, secure test plans, etc.
  • Experience with a modern SDLC including CI/CD pipelines, multi-cloud architecture, API strategies, and container deployment.
  • Basic understanding of cloud services like AWS, Azure and Google Cloud

Preferred Qualifications:

  • Security+, CEH or other security certifications are a plus.

About Us:

Envestnet is a leading independent provider of technology‐enabled investment and practice management solutions to financial advisors who are independent, as well as those who are associated with small or mid‐sized financial advisory firms and larger financial institutions. Envestnet’s technology is focused on addressing financial advisors’ front, middle, and back‐office needs while leveraging our platform to grow their businesses and expand client relationships.

We offer a highly competitive compensation and benefits package as well as the excitement, challenges, and rewards of a fast-growing, entrepreneurial company.

Why Choose Envestnet:

  • Be a member of a leading financial services and products innovation company
  • Competitive Compensation/Total Reward Packages that include:
    • Health Benefits (Health/Dental/Vision)
    • Paid Time Off (PTO) & Volunteer Time Off (VTO)
    • 401K – Company Match
    • Annual Bonus Incentives
    • Equity
    • Parental Stipend
    • Tuition Reimbursement
    • Student Debt Program
    • Charitable match
    • Wellness Program
  • Work on global projects with diverse, energetic, team members who respect each other and celebrate differences
  • The best work locations with unlimited snacks!

The salary range for this position is $63,000 to $140,000.

Envestnet is an Equal Opportunity Employer.

#LI-LM2