For 35 years, SVB Financial Group (NASDAQ: SIVB) and its subsidiaries have helped innovative companies and their investors move ambitious ideas forward, fast. SVB Financial Group's businesses, including Silicon Valley Bank, operate at the intersection of innovation and capital, and provide a comprehensive range of financial services including commercial banking, investment solutions, research and insights, funds management and private banking and wealth advisory. SVB helps high growth companies in the technology, life science and healthcare, private equity and venture capital, and premium wine industries navigate at every stage. In addition, the company focuses on encouraging positive relationships with firms within the private equity and venture capital community worldwide, many of which are also the firm's clients and may invest in the firm's corporate clients.

Sr. Application Security Cloud Engineer

Position Summary:

Are you excited about security and software development? Are you proficient in broad and deep application security skills and do you enjoy working in a fast-paced environment? Join us at Silicon Valley Bank for an exciting and challenging role.

In this role, you will join SVB's Application Security team and help ensure our products and services are built securely from the ground up by performing core application security practices like threat modeling, secure code reviews, security testing and so on.

Responsibilities:

• Act as liaison between Security and software development teams
• Assist development teams implementing secure SDLC practices
• Threat model web applications and work with development team throughout the SDLC
• Perform web application vulnerability assessments and penetration tests
• Provide security and compliance requirements for software development projects

• BS in Computer science or equivalent experience
• Experience in web application security testing (assessment/penetration testing)
• Cloud security knowledge
• Familiarity with OWASP guidelines
• Knowledge of agile and secure SDLC

• One or more Certifications (CISSP, GWEB, GPEN, GWAPT, OSWE, OSCE, OSCP)
• Software development or scripting experience (Python, Shell, Java, json, Scrum, Jira, etc)
• Familiarity with network and web application protocols (Http, Https, TCP/IP, SAML 2.0, OAuth 2.0, Rest APIs, etc)
• Knowledge or experience implementing SDLC frameworks like OpenSAMM or BSIMM
• Database knowledge