Sr API Security Software Engineer @ TIAA

Frisco, TX, United States

Security Software Dev Engineering Sr Specialist leads the development strategy of the shared security services engineering team which is responsible for building horizontal enterprise level security solutions.

You will be responsible for defining what a well-architected enterprise solution looks like and for leading a team of engineers to build the solution. You will create workstreams and work closely with other senior engineers to deliver critical initiatives.

Key Responsibilities and Duties

Deep dive into the most ambiguous parts of the enterprise stack, understand challenges and define well scoped software and security solutions.

Lead the planning, design, and engineering of security solutions and platforms related to Application, API and Platform security.

Own parts of team charter, strategy and roadmap to support business objectives.

Challenge the status quo, have bias towards action and make tradeoff decisions on build vs buy.

Able to influence security strategy, engineering architecture, standards and adoption of solutions through strong collaboration and communication skills.

Create standards and best practices around both in-house security software development and vendor product integration.

Provide technical leadership & mentorship to engineers both within and outside the team.

Educational Requirements

Bachelor's Degree or Equivalent Experience Required

Work Experience

5+ Years Required; 7+ Years Preferred

Physical Requirements

Physical Requirements: Sedentary Work

Required Skills:

5+ years of experience in Java/J2EE or similar object-oriented programming language

3+ years of experience working on one or more cloud platforms such as AWS, Microsoft Azure, Oracle Cloud, Google Cloud Platform

2+ years of experience working with API access patterns (B2B, B2C etc) and Authentication & Authorization controls using OAuth (OAuth, HMAC etc)

Preferred Skills:

Good understanding of security standards (NIST, OWASP Top 10+2 & similar), patterns and technologies

6+ years of experience in architecting and developing enterprise grade applications & solutions using frameworks such as Spring, Spring Boot

Hands on experience implementing and integrating with identity protocols such as OpenId Connect, OAuth, SAML

Good understanding of cryptography standards such as symmetric and asymmetric encryption, transport and data level security

#LI-158487406_MB1

Related SkillsAccountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively Security Software Dev Engineering Sr Specialist leads the development strategy of the shared security services engineering team which is responsible for building horizontal enterprise level security solutions.

You will be responsible for defining what a well-architected enterprise solution looks like and for leading a team of engineers to build the solution. You will create workstreams and work closely with other senior engineers to deliver critical initiatives.

Key Responsibilities and Duties

Deep dive into the most ambiguous parts of the enterprise stack, understand challenges and define well scoped software and security solutions.

Lead the planning, design, and engineering of security solutions and platforms related to Application, API and Platform security.

Own parts of team charter, strategy and roadmap to support business objectives.

Challenge the status quo, have bias towards action and make tradeoff decisions on build vs buy.

Able to influence security strategy, engineering architecture, standards and adoption of solutions through strong collaboration and communication skills.

Create standards and best practices around both in-house security software development and vendor product integration.

Provide technical leadership & mentorship to engineers both within and outside the team.

Educational Requirements

Bachelor's Degree or Equivalent Experience Required

Work Experience

5+ Years Required; 7+ Years Preferred

Physical Requirements

Physical Requirements: Sedentary Work

Career Level

9IC

Required Skills:

5+ years of experience in Java/J2EE or similar object-oriented programming language

3+ years of experience working on one or more cloud platforms such as AWS, Microsoft Azure, Oracle Cloud, Google Cloud Platform

2+ years of experience working with API access patterns (B2B, B2C etc) and Authentication & Authorization controls using OAuth (OAuth, HMAC etc)

Preferred Skills:

Good understanding of security standards (NIST, OWASP Top 10+2 & similar), patterns and technologies

6+ years of experience in architecting and developing enterprise grade applications & solutions using frameworks such as Spring, Spring Boot

Hands on experience implementing and integrating with identity protocols such as OpenId Connect, OAuth, SAML

Good understanding of cryptography standards such as symmetric and asymmetric encryption, transport and data level security

#LI-158487406_MB1

Related SkillsAccountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively Anticipated Posting End Date:

2024-07-12Base Pay Range: $152,200/yr. - $253,600/yr. Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).

_____________________________________________________________________________________________________

Company Overview

TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.

Benefits and Total Rewards

The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That’s why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our Benefits Summary .

Equal Opportunity

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Read more about the Equal Opportunity Law here .

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: [email protected]

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here .

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here .

For Applicants of Nuveen residing in Europe and APAC, please click here .

For Applicants of Greenwood residing in Brazil (English), click here .

For Applicants of Greenwood residing in Brazil (Portuguese), click here .

For Applicants of Westchester residing in Brazil (English), click here .

For Applicants of Westchester residing in Brazil (Portuguese), click here .

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr