Senior Application Security Engineer

Why Work at Provident?

• Top Workplace Recognition: Voted a Bay Area “Top Workplace” since 2017

• Highly Rated Employer: Among the highest-ranked credit unions on Glassdoor

• Culture of Excellence: We value diversity, inclusion, continuous improvement, and doing what’s right

Our Core Values:

• Listen

• Get Better

• Do What’s Right

Position Summary: Senior Information Security Engineer

Location: Redwood City, CA
Reports To: AVP of Information Security
Compensation: $105,000 – $163,000 base salary, plus biannual discretionary bonuses
Pay Grade: T4

As a Senior Information Security Engineer, you will lead the design, implementation, and maintenance of robust security controls across both enterprise and Azure cloud environments. This role focuses on safeguarding sensitive data through proactive monitoring, secure identity and access management, encryption, and compliance enforcement.

You will partner closely with development teams to integrate security throughout application and API lifecycles—leveraging secure coding standards, vulnerability assessments, and modern DevSecOps practices. Additionally, you’ll support third-party risk assessments, audit processes, and help strengthen the organization’s defense posture against emerging cybersecurity threats, including those driven by AI.

Key Responsibilities

• Deploy and monitor Azure cloud security controls (identity, encryption, compliance).

• Monitor access to sensitive data, identify anomalous activity, and enforce security policies.

• Ensure secure application and API development through assessments, DevSecOps tools (e.g., Azure DevOps), and CI/CD pipeline integration.

• Evaluate vendor risk and ensure third-party compliance with security policies and regulations.

• Assist with internal/external audits and lead remediation initiatives.

• Monitor and address emerging AI-related threats.

• Manage SIEM solutions (e.g., configure data connectors, analyze security alerts).

• Apply micro-segmentation and other advanced network security practices.

• Develop and maintain security policies and procedures in line with industry standards.

• Follow change management protocols for software and system updates.

• Identify and implement process automation and operational efficiencies.

• Participate in on-call rotations and cross-functional project teams.

• Other duties as assigned.

Required Qualifications

• Education: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.

• Experience: 7+ years in enterprise security, with proven expertise in Azure cloud security, API protection, and compliance (NIST, NCUA, DFPI, FedLine).

• Technical Expertise:

  • Identity and access management in Azure

  • Secure application development (OWASP, secure coding, API security)

  • CI/CD integration and Azure DevOps

  • SIEM operations, incident response, and risk mitigation

  • Knowledge of AI threat mitigation strategies

  • Experience with micro-segmentation and NDR tools

• Soft Skills:

  • Effective communicator and collaborator

  • Strong problem-solving and analytical skills

  • Detail-oriented with the ability to multitask

  • Strong documentation and writing capabilities

Preferred Certifications

• CISSP (Certified Information Systems Security Professional)

• Microsoft Certified: Azure Security Engineer Associate

• CCSP (Certified Cloud Security Professional)

Employee Benefits

• Comprehensive medical, dental, and vision insurance

• 401(k) plan with up to 150% employer match

• Up to 100% tuition reimbursement for approved education

• Annual discretionary bonus

• Generous PTO and paid holidays

• Flexible Spending Accounts (FSAs)

• Short- and long-term disability coverage

• Life and AD&D insurance

• Provident Credit Union membership and benefits

• Rate discounts on home and auto loans

• In-house training and development programs

• Exclusive employee perks including use of company-owned condos in Maui and Lake Tahoe

• Employee referral bonuses