IT Job Pro

Most Popular Tech Job site – Find Jobs || Post Jobs

Application Security Engineer

Job Title
Application Security Engineer

Requisition #

Austin – Austin, TX 78701 US
New York – New York, NY 10016 US
Norwalk – Norwalk, CT 06851 US (Primary)

Job Type

Career Level
Experienced (Non-Manager)


Bachelor’s Degree

Job Description

FactSet is a financial data and software company headquartered in Norwalk, CT with offices in 35 locations worldwide. As a global provider of financial information and analytics, FactSet helps the world’s best investment professionals outperform. More than 87,500 users stay ahead of global market trends, access extensive company and industry intelligence, and monitor performance with FactSet’s desktop analytics, mobile applications, and comprehensive data feeds. As of February 28, 2018, annual subscription value reached $1.3 billion and headcount passed 9,000.

FactSet was ranked #89 on FORTUNE’s 100 Best Places to Work list in 2016 and has consistently been recognized as a great workplace by leading publications.

Role/Department Description:
FactSet is currently seeking an Application Security Engineer, experienced in application security testing and architecture, to join the global Security team. You will work with stakeholders and internal clients in Software Engineering, Systems Engineering, and Product Development to securely design, develop, test, and deploy products.


Identify potential risks, threats, vulnerabilities and exploits through architecture review, threat modeling, secure code review, and penetration testing

Define information security policies and standards that support secure coding practices

Develop tools to support the automation of security testing and more efficiently discover, track, and resolve security vulnerabilities

Educate employees on secure coding and development best practices

Job Requirements

2+ years of relevant Security Engineering or Penetration Testing experience

Bachelors or Masters in Computer Science/Engineering or related field

Thorough, detail-oriented and quality-driven with excellent communication and inter-personal skills

Familiarity of SSDLC (Secure Software Development Life Cycle) or SDL (Secure Development Lifecycle)

Knowledge of common software and web application vulnerabilities, such as the OWASP Top 10.

Participate as a member of a 724 on-call rotation

Software Engineering experience developing/debugging is a significant plus

Relevant industry training and/or certification: CSSLP, CISSP, OSCP, GWAPT, or GPEN

Able to deliver quality results in a high-energy/high-pressure environment

Ability to multi-task and manage demands of many projects, issues, and tasks

Ability to perform duties with minimal supervision

Tools and Capabilities:

Nexpose, AppSpider, Nessus, Burp Suite, w3af, sqlmap, Nikto, nmap, Metasploit and Webscarab


Firewalls, IDS/IPS and WAF

C, C++, Objective-C, Java or .Net


Perl, Python or PHP

To find out more about opportunities at FactSet, visit us at ************************ ************************* or ************************

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

FactSet Research Systems Inc. is an E-Verify participant and EOE/M/F/D/V Employer which strongly supports diversity in the workforce.

To apply for this job please visit