Every firm has a culture – the values, beliefs, methodology, attitudes and standards that reflect an organization’s DNA. But the truly inspiring firms – the game-changers, the industry leaders and the disruptors – have cultures that propel them to innovate and stand out. At Brown Advisory, we aim to be one of those inspired firms. Over the years, we have purposefully built and nurtured our client-first culture.
Brown Advisory is an independent investment management firm committed to delivering a combination of first-class performance, strategic advice and the highest level of client service with offices in Austin, Baltimore, Boston, the Carolinas, Delaware, London, New York, Singapore, Virginia and Washington, D.C. The firm’s institutional and private clients are based in 50 states and more than 39 countries and territories and are served by over 650 colleagues worldwide, all of whom are equity owners of the firm.
Brown Advisory is currently seeking a hands-on Application Security Engineer who will partner with the technology team to secure multiple facets of a dynamic organization environment containing several in-house applications and COTS systems. The candidate must be well versed in all aspects of enterprise security including architecture, network, operating systems, databases, and applications. The candidate should be able to work with limited direct supervision, and be proactive to the needs of the environment. The candidate must be able to keep up with the rapidly-changing threat landscape.
Duties and Responsibilities:
•Work with the security team to ensure the security of in-house developed applications and COTS systems
•Perform analysis, investigation, and remediation of applications and systems partnering with vendors
•Work with the security team to ensure superior OS hardening and other security configuration best practices.
•Provide security assistance to the security and infrastructure team on projects and system architecture.
•Perform behavioral analysis and review of application logs, alerts, and other security information in order to detect potentially malicious events.
•Provide expertise for secure application development practices
•Manage InfoSec development, testing and QA functions to ensure that projects are securely delivered and fulfill security requirements
•Evaluate, test, and recommend new application and coding security techniques and strategies
•Evaluate and recommend new and emerging security products and technologies
•Oversee the code vulnerability scans and applications patching process, to ensure that SLAs around time to remediation are being met.
•Review vendor or third-party security processes as needed
•Review and recommend Cloud and SaaS solutions from an API security perspective
•Bachelor’s degree in a relevant field and 7+ years of experience as an application security engineer preferred
•CISSP, CISM, or other security industry professional designations
•Proven analytical and problem solving abilities
•Application security knowledge
•Application development knowledge, specifically in Secure Development Lifecycle
•Knowledge of security frameworks such as ISO 27000 and NIST
•Knowledge of access control systems, PKI, multi-factor authentication, and entitlements management, certificate management, data leakage prevention, threat detection, vulnerability scanners and software deployment tools.
•Deep knowledge of Windows security for servers, PCs, databases, Apple OS and knowledge of Linux OS
•Knowledge of Core networking security concepts, VLANs, Subnets, Multicast.
•Understanding of Java code
•Understanding of Microsoft application security best practices (IIS, XML, SQL, etc.)
•PowerShell scripting capabilities
•Knowledge of Splunk or other data mining/log query tools
•Ability to work autonomously or with limited supervision
•Time management and prioritization skills
•Excellent organization and communication skills
•Ability to write and follow technical documentation
•Big picture focused
•Detail and process oriented
At Brown Advisory we offer a competitive compensation package, including full benefits.
•Wellness program participation incentive
•Financial wellness program
•Gym membership discounts
•Fitness event fee reimbursement
•Corporate gym membership discounts
•Colleague Assistance Program
•Telemedicine Program (for those enrolled in Medical)
•Daycare late pick-up fee reimbursement
•Basic Life & Accidental Death & Dismemberment Insurance
•Voluntary Life & Accidental Death & Dismemberment Insurance
•Short Term Disability
•Paid parental leave
•Group Long Term Disability
•401(k) (50% employer match up to IRS limit, 4 year vesting)
Brown Advisory is an Equal Employment Opportunity Employer.