Bloomberg Industry Group
Financial Services
ApplicationSecurityEngineer3
Neural analysis suggests this role is
optimal for Senior candidates.
“Application Security Engineer 3 at Bloomberg Industry Group. Skills: Application security, Risk assessment, Security architecture, AI/ML security. Lead application security engineering efforts. Design scalable security architectures”
Industry & Context.
Remediate the identified gap by implementing innovative solutions
What They're Looking For.
Must Have
Deep expertise in application security, secure software design, risk management, OWASP ASVS, OWASP Top 10, NIST 800-53, Extensive experience conducting complex security assessments, building automated security controls for large engineering environments, Proficiency in multiple programming languages, Python, Java, JavaScript, hands-on experience with SAST, DAST, SCA, IaC, container security tools, cloud security tools, understanding of modern architectures, cloud-native, microservices, Kubernetes, containers, serverless, DevSecOps processes, Advanced understanding of AI/ML security, model vulnerability analysis, AI threat modeling, secure LLM integration patterns, NIST AI RMF, OWASP Top 10 for LLMs
Nice to Have
AWS Certified Security – Specialty, CSSLP, CISSP, Certified DevSecOps Expert (CDE), bachelor's degree in information security, Computer Science, equivalent experience
What You'll Do.
Lead application security engineering efforts
Design scalable security architectures
Perform advanced risk assessments
Integrate security across SDLC
Drive AI-related security controls
Evaluate vendor solutions
Contribute to incident response
Contribute to strategic security improvements
Design and implement security architectures
Implement security controls for cloud-native applications
Conduct in-depth risk assessments
Collaborate with developers
Integrate security at all SDLC stages
Drive security for AI-powered features
Define secure architectures for AI
Implement advanced testing for AI
Implement advanced controls for AI
Identify security improvements
Remediate security gaps
Implement innovative security solutions
Evaluate third-party security tools
Evaluate vendor-provided controls
Provide actionable technical feedback to vendors
Drive product improvements with vendors
Ensure controls are implemented
Ensure controls are configured
Build security automation
Improve security automation
Scale security automation
Integrate tooling across CI/CD
Integrate tooling across cloud platforms
Provide guidance on security best practices
Participate in incident response efforts
Investigate security incidents
Stay informed of industry trends
Apply knowledge to improve security
How You'll Work.
Team & Collaboration
Collaborate with developers; Collaborate with DevOps teams; Collaborate with vendors; Provide guidance to junior engineers; Provide guidance to cross-functional teams
Full Job Description
Responsible for leading application security engineering efforts, designing scalable security architectures, performing advanced risk assessments, integrating security across the SDLC, driving AI‑related security controls, evaluating vendor solutions, scaling automation, and contributing to incident response and strategic security improvements. **_About the Team_ :** Bloomberg Industry Group's Application Security team is focused on providing best-in-class security for all internal and external applications. We are constantly evolving our security practices to tackle modern-day threats and ensure our applications remain secure. **_Job Summary_ :** As an Application Security Engineer III, you will lead security engineering initiatives, perform advanced risk assessments, and design scalable security controls across critical applications. You will serve as a subject matter expert (SME) in application, guiding engineering teams, influencing security strategy, and driving automation across the SDLC. This role requires deep technical expertise, leadership potential, and the ability to shape long‑term Application Security direction. **_What You Will Do_ :** * Design and implement security architectures and controls for large-scale, cloud-native applications. * Conduct in-depth risk assessments, including penetration testing and code reviews. * Collaborate with developers and DevOps teams to integrate security at all stages of the software development lifecycle (SDLC). * Drive security for AI-powered features by defining secure architectures, assessing AI/ML risks, and implementing advanced testing and controls for AI models, agents, and MCP servers. * Identify areas of improvements in security tools and practices, and remediate the identified gap by implementing innovative solutions. * Evaluate third‑party security tools and vendor‑provided controls for technical effectiveness, enterprise fit, and alignment with organization’s security architecture and standards. * Collabo
Applying for this Application Security Engineer 3 role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Bloomberg Industry Group?
Real rants from real employees. Read before you apply.