SECURITY ENGINEER in Irving, TX at Cottonwood Financial

Date Posted: 7/9/2018

Job Snapshot

Job Description

The Security Engineer reports to our Chief Information Security Officer (CISO) and is responsible for integrating security into the development of Cottonwood’s software applications. The Security Engineer works closely with the product and software development teams, product owner and scrum master to provide assurance that company software is developed using secure coding methodology. This position includes early security involvement in creating internal financial software applications/processes and extending to third party software applications. In addition, the Security Engineer assesses various stages of the software development life cycle (SDLC) from technical design, change management, scanning, testing and through production release. This position is based at our Administrative Office (HQ) in Irving (Las Colinas), Texas.

  • Perform security risk assessments and remediation recommendations

  • Continuously evaluate the organization’s existing application security practices, measure security-related activities and implement improvements

  • Work closely with developers to identify, diagnose and remediate application security vulnerabilities

  • Develop and maintain a balanced application security program based on a well-defined application security framework

  • Provide secure application development training to developers and provide guidance for continuing education

  • Administer and maintain scanning tools for production and test databases 

  • Assess disaster recovery, data replication and other distributed data issues

  • Vendor security assessments, including documenting data elements and the file transfer data flow information.

  • Collaborate with CISO in managing, creating and maintaining information security reports and dashboards


  • Annual salary of $85,000


  • Medical, dental, and vision

  • Voluntary life/ AD&D

  • Short-term & long-term disability

  • 401K with company match

  • Paid vacation, holidays, and sick time

  • Paid maternity, paternity, extended medical leave, and jury duty

  • Corporate discount program on personal cell phone accounts with select providers

  • Business casual work environment

Job Requirements

  • Bachelor’s degree in MIS, Computer Science, Engineering, Computer Security, Information Systems or related field

  • 2+ years of applications security work experience including defect tracking, source control, IDEs, etc.

  • 3+ years progressive experience in application development or information security or software quality assurance

  • Experience with one or more languages like Java/JavaScript, C++/C# or Ruby/Python/Perl/Powershell

  • Strong understanding of application security concepts for internet technology, architecture and protocols

  • Knowledge of web application attacks and defense strategies and OWASP Top 10 or CWE Top 25 concepts

  • Experience and good understanding of networking protocols TCP/IP, UDP, SSL, TLS, XML, etc.

  • Web application development experience

  • Excellent written and verbal communication skills

  • Local (Dallas/Fort Worth area) candidates only – no relocation

  • Must be currently authorized to work in the United States without sponsorship and not require sponsorship in the future


  • Ability to assess security risk, analyze results and report results

  • Experience in Financial Services Industry

  • Experience with SAST tools such as Fortify, Veracode or Checkmarx

  • Experience with DAST tools such as IBM AppScan, HP WebInspect, Acunetix, Zap or Burp

  • Experience with Open Source Software security tools such as Black Duck and vulnerability remediation guidance

  • Familiarity with infrastructure scanning tools such as Nessus and vulnerability remediation guidance

  • Ethical hacking certification, GIAC GWAPT, GSSP or GWEB certified



Founded in 1996, Cottonwood Financial is one of the largest privately held retail consumer finance companies in the United States.  We have zero debt, have been profitable every year since inception, and our growth is funded entirely through internally generated capital.  Headquartered in Irving (Las Colinas), Texas, we have company-owned locations, under our Cash Store brand, across the country.  Through this national brick-and-mortar footprint, we provide best-in-class customer service and offer an innovative mix of financial products and services to our customers.
We have been named multiple times to the Inc. 5000 list of America’s fastest-growing private companies, as well as to the Dallas 100 list of the fastest-growing private companies in North Texas.