Application Security Engineer
Job Category Information Technology
Location Baltimore, MD
Employment Type Full time
Apply Now
Company Overview
Every firm has a culture – the values, beliefs, methodology, attitudes and standards that reflect an organization’s DNA. But the truly inspiring firms – the game-changers, the industry leaders and the disruptors – have cultures that propel them to innovate and stand out. At Brown Advisory, we aim to be one of those inspired firms. Over the years, we have purposefully built and nurtured our client-first culture.
Brown Advisory is an independent investment management firm committed to delivering a combination of first-class performance, strategic advice and the highest level of client service with offices in Austin, Baltimore, Boston, the Carolinas, Delaware, London, New York, Singapore, Virginia and Washington, D.C. The firm’s institutional and private clients are based in 50 states and more than 39 countries and territories and are served by over 650 colleagues worldwide, all of whom are equity owners of the firm.
Position Summary
Brown Advisory is currently seeking a hands-on Application Security Engineer who will partner with the technology team to secure multiple facets of a dynamic organization environment containing several in-house applications and COTS systems.  The candidate must be well versed in all aspects of enterprise security including architecture, network, operating systems, databases, and applications.  The candidate should be able to work with limited direct supervision, and be proactive to the needs of the environment.  The candidate must be able to keep up with the rapidly-changing threat landscape.
Duties and Responsibilities:
Work with the security team to ensure the security of in-house developed applications and COTS systems
Perform analysis, investigation, and remediation of applications and systems partnering with vendors
Work with the security team to ensure superior OS hardening and other security configuration best practices.
Provide security assistance to the security and infrastructure team on projects and system architecture. 
Perform behavioral analysis and review of application logs, alerts, and other security information in order to detect potentially malicious events.
Provide expertise for secure application development practices
Manage InfoSec development, testing and QA functions to ensure that projects are securely delivered and fulfill security requirements
Evaluate, test, and recommend new application and coding security techniques and strategies
Evaluate and recommend new and emerging security products and technologies
Oversee the code vulnerability scans and applications patching process, to ensure that SLAs around time to remediation are being met.
Review vendor or third-party security processes as needed
Review and recommend Cloud and SaaS solutions from an API security perspective 
Job Requirements:
Bachelor’s degree in a relevant field and 7+ years of experience as an application security engineer preferred
CISSP, CISM, or other security industry professional designations
Proven analytical and problem solving abilities
Technical Skills:
Application security knowledge
Application development knowledge, specifically in Secure Development Lifecycle
Knowledge of security frameworks such as ISO 27000 and NIST
Knowledge of access control systems, PKI, multi-factor authentication, and entitlements management, certificate management, data leakage prevention, threat detection, vulnerability scanners and software deployment tools.
Deep knowledge of Windows security for servers, PCs, databases, Apple OS and knowledge of Linux OS
Knowledge of Core networking security concepts, VLANs, Subnets, Multicast. 
Understanding of Java code
Understanding of Microsoft application security best practices (IIS, XML, SQL, etc.)
PowerShell scripting capabilities
Knowledge of Splunk or other data mining/log query tools
Personal Attributes:
Positive attitude
Ability to work autonomously or with limited supervision
Time management and prioritization skills
Excellent organization and communication skills
Ability to write and follow technical documentation
Big picture focused
Detail and process oriented
At Brown Advisory we offer a competitive compensation package, including full benefits.
Wellness program participation incentive
Financial wellness program
Gym membership discounts
Fitness event fee reimbursement
Corporate gym membership discounts
Colleague Assistance Program
Telemedicine Program (for those enrolled in Medical)
Adoption Benefits
Daycare late pick-up fee reimbursement
Basic Life & Accidental Death & Dismemberment Insurance
Voluntary Life & Accidental Death & Dismemberment Insurance
Short Term Disability
Paid parental leave
Group Long Term Disability
Pet Insurance
401(k) (50% employer match up to IRS limit, 4 year vesting)
Brown Advisory is an Equal Employment Opportunity Employer.
Back Apply Now