Job Description

Lead Application Security Engineer

We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value across borders, through cities and overseas. No other organization can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy.

We're unique too. We were established to find a better way for the global financial community to move value a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

We're looking for a Lead Application Security Engineer to be the security expert for 75+ developers who build the core systems behind Swift's global financial messaging. You'll bring deep technical skills and help shape how we do security across our mature application security program - the infrastructure that connects thousands of financial institutions depends on getting this right. Your work will vary day-to-day - sometimes you'll be embedded directly with development teams, other times providing security advice when teams need it, and you'll also do centralized security reviews for APIs, identity systems, and authentication frameworks.

What to expect in this role:

In this role you will:

• Lead comprehensive security architecture reviews for Swift's applications across all business domains
• Conduct advanced code security reviews with developers across Java, JavaScript, C++, and emerging programming languages including Python
• Lead business security assessments for our most critical applications and figure out what security controls we need based on business requirements
• Optimize and evolve DevSecOps tools within CI/CD pipelines to reduce false positives and improve developer adoption
• Partner with 75+ developers across API and Identity teams to integrate security seamlessly into agile development workflows
• Take complex security requirements and make them practical for development teams - some teams are security-savvy, others need more guidance
• Champion security best practices through technical mentorship, training sessions, and documentation that scales across multiple development squads
• Collaborate with architecture teams to establish security patterns and standards for all domains in application security
• Drive continuous improvement initiatives to enhance developer security tooling and reduce friction in secure development practices
• Build metrics and reports that show how well our security efforts are working and where we're reducing risk
• Stay ahead of emerging threats specific to financial services applications and infrastructure
• Leverage deep knowledge of financial services threat landscape and attack vectors specific to payment systems and financial messaging

What will make you successful?

We are seeking professionals with:

• Bachelor's degree
• 8 years of hands-on application security experience with demonstrated expertise in secure coding, vulnerability assessment, and security architecture
• Advanced proficiency in Java, JavaScript, C++, and Python (emerging) with strong understanding of secure coding practices and common vulnerability patterns in these languages
• Extensive experience with application security testing tools (SAST, DAST, IAST, SCA) and their integration into automated CI/CD pipelines
• Proven experience in threat modeling and security design sessions for complex applications and systems
• Strong background in conducting advanced code security reviews and vulnerability assessments
• Strong background in API security including OAuth, JWT, rate limiting, API gateway security, and RESTful service protection
• Understanding of financial services, regulatory compliance requirements and security standards relevant to global financial messaging systems
• Experience with security automation, security-as-code practices, and CI/CD security integration
• Knowledge of container security and securing microservices architectures in on-premises environments
• Proven ability to influence and mentor development teams without direct management authority
• Experience working in complex organizational structures and building consensus across multiple stakeholder groups
• Strong written and verbal communication skills with ability to explain technical security concepts to both technical and business audiences
• Track record of driving adoption of security practices in fast-paced development environments

Preferred Qualifications:

• Professional security certifications demonstrating hands-on technical skills (GWEB, OSCP, or similar technical certifications)
• Experience with emerging programming languages and security frameworks
• Background in financial services, fintech, or other highly regulated industries

Swift is unable to sponsor an employment authorization for this position now or in the future.

The estimated salary range for a new hire into this position in Virginia is $121,564 USD Annual MINIMUM to $225,762 USD Annual MAXIMUM. Salary may vary depending on job-related factors which may include knowledge, skills, experience, and location. Our compensation packages include a competitive base salary and bonus opportunity for all employees contingent on personal and company performance. Our generous benefits program includes medical, dental, vision and life insurance with no premium costs for our employees and their families, and retirement plan plus matching 401k.

We give you the freedom to be yourself. We are creating an environment of unique individuals like you with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.

If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.

Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

Job Tags

Similar Jobs