AARP is the nation's largest nonprofit, nonpartisan organization dedicated to empowering people 50 and older to choose how they live as they age. With a nationwide presence and nearly 38 million members, AARP strengthens communities and advocates for what matters most to families: health security, financial stability and personal fulfillment. AARP also produces the nation's largest circulation publications: AARP The Magazine and AARP Bulletin.
Information Technology Services is responsible for AARP enterprise-wide technology and information security functions. Services range from infrastructure design and operations, system and software lifecycle implementations, enabling the mobile workforce and protecting AARP network, systems and data. A variety of technologies and practices are used including cloud computing, automation, artificial intelligence and machine learning within highly collaborative Agile teams.
The Application Security Engineer
is a core technical resource on a platform/capability team responsible for the architecture design, development, maintenance, administration, and continuous improvement of solutions in AARP's enterprise and business systems. This position is accountable for the technical components of the platform/capability strategy and lifecycle and will be expected to deliver incremental business value in an agile environment. The Application Security Engineer
must be a multi-faceted technologist able to build business-value based objectives and perform "hands on" development and configuration within AARP's technology ecosystem. Responsibilities
- Establishing the technical roadmap for the platform or capability strategy and lifecycle that considers value-based outcomes, costs to maintain, supportability, and performance.
- Ensuring sound integration, data, security, and business architecture design throughout all stages within the platform or capability lifecycle.
- Providing the rapid delivery and development of technical solutions that align with business and/or platform outcomes.
- Providing technical leadership for internal and external audits, disaster recovery, ongoing operations, production support, third-party development or implementation services, contract negotiations, and business interactions related to platform or capability systems and services.
- Troubleshooting and resolving technical issues related to platform or capability systems, solutions, and services.
- Innovating and/or driving the continuous improvements of implementation methodology and technical service offerings based on customer/employee experiences or other enterprise objectives/outcomes.
- Actively participating in a Community of Interest for engineers across all capability and platform teams to share information and strengthen understanding of business needs and technology-based business solutions.
- Developing and maintaining deep technical knowledge and expertise related to domain area systems, solutions, services and applications.
- Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering or related field.
- 5+ years of application development experience.
- 2+ years of experience of integrating security into the development pipeline, with hands-on experience with Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Runtime Application Self-Protection (RASP), and software composition analysis solutions.
- Knowledge of Web Application Firewalls, Automatic Bot Protection, and Database Activity Monitoring.
- Knowledge of penetration testing, threat modeling, and security architecture reviews.
- Familiarity with modern application design principles, including infrastructure as code, microservices architecture, and automated software delivery processes.
Flexible Work Arrangement (FWA)
- Regular and reliable job attendance.
- Effective verbal and written communication skills.
- Exhibit respect and understanding of others to maintain professional relationships.
- Independent judgement in evaluation options to make sound decisions.
- Home office environment with the ability to work effectively surrounded by moderate home environment noise.
AARP observes Mondays and Fridays as telecommuting workdays, except for essential functions. Remote work and telecommuting can only be done within the United States and its territories. Compensation and Benefits
AARP offers a competitive compensation and benefits package including a 401(k); 100% company-funded pension plan; health, dental, and vision plans; life insurance; paid time off to include company and individual holidays, vacation, sick, caregiving, and parental leave; performance-based and peer-based recognition; tuition reimbursement; among others.
For this position, we anticipate offering a salary between $144,000 to $168,000 per year. This role is also eligible to participate in an annual incentive plan with a percentage up to 12%. Bonus eligibility is dependent upon organizational and individual performance. Equal Employment Opportunity
AARP is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. AARP does not discriminate on the basis of race, ethnicity, religion, sex, color, national origin, age, sexual orientation, gender identity or expression, mental or physical disability, genetic information, veteran status, or on any other basis prohibited by applicable law.