Job Specifications
Who We Are
At Corebridge Financial, we believe action is everything. That’s why every day we partner with financial professionals and institutions to make it possible for more people to take action in their financial lives, for today and tomorrow.
We Align To a Set Of Values That Are The Core Pillars That Define Our Culture And Help Bring Our Brand Purpose To Life
We are stronger as one: We collaborate across the enterprise, scale what works and act decisively for our customers and partners.
We deliver on commitments: We are accountable, empower each other and go above and beyond for our stakeholders.
We learn, improve and innovate: We get better each day by challenging the status quo and equipping ourselves for the future.
We are inclusive: We embrace different perspectives, enabling our colleagues to make an impact and bring their whole selves to work.
Who You’ll Work With
The Information Technology organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation, partners with business leaders to design and execute new strategies through IT and operations services and ensures the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles.
About The Role
The Senior DevSecOps Engineer will lead and provide day to day oversight and coordination across the IT Security Application Security Teams for Cybersecurity projects. This role will manage the onboarding of applications to the SAST/DAST application code scanning platform. This position will work with the Software Security Assessment (SSA) Team to ensure application portfolios adhere to standards and recertification cadence. The VP will serve as a subject matter expert /technical mentor in translating application security requirements.
Responsibilities
Shift Left Security: Integrate SAST, SCA, and other automated security tools into CI/CD pipelines (GitHub Actions, GitLab, Jenkins, Azure DevOps).
Partner with development teams to embed security in the design and build phases, ensuring vulnerabilities are identified and fixed early.
Configure, tune, and maintain SAST, SCA, and dependency scanning tools for accurate results and minimal false positives.
Provide actionable remediation guidance and train developers on secure coding.
Conduct lightweight penetration testing and threat modeling for web and API applications to complement automated scanning.
Collaborate with DevOps and cloud engineering teams to build security guardrails around containers, infrastructure as code, and APIs.
Track, measure, and report on vulnerability metrics, remediation SLAs, and KPIs.
Continuously research new security tools, automation methods, and industry best practices for improving DevSecOps maturity.
Skills And Qualifications
3+ years of experience in Application Security or DevSecOps roles required.
Strong hands-on experience with SAST tools (e.g., Checkmarx, Veracode, Fortify).
Solid knowledge of SCA tools (e.g., Snyk, Black Duck, WhiteSource, Dependency-Check).
Practical experience integrating security scans into CI/CD pipelines.
Familiarity with secure SDLC, OWASP Top 10, API Security Top 10, CWE/SANS.
Strong scripting/automation skills (Python, Bash, or PowerShell).
Excellent ability to interpret scan results, reduce noise, and communicate findings effectively to developers.
Compensation
The anticipated salary range for this position is $140,000 to $165,000 at the commencement of employment for the Jersey City, NJ area. Not all candidates will be eligible for the upper end of the salary range. The actual compensation offered will ultimately be dependent on multiple factors, which may include the candidate’s geographic location, skills, experience and other qualifications.
In addition, the position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan.
Corebridge also offers a range of competitive benefits as part of the total compensation package, as detailed below.
Work Location
This position is based in Corebridge Financial’s Houston, TX, Durham, NC, or Jersey City, NJ office and is subject to our hybrid working policy, which gives colleagues the benefits of working both in an office and remotely.
Estimated Travel
May include up to 25%.
Why Corebridge?
At Corebridge Financial, we prioritize the health, well-being, and work-life balance of our employees. Our comprehensive benefits and wellness program is designed to support employees both personally and professionally, ensuring that they have the resources and flexibility needed to thrive.
Benefit Offerings Include
Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being.
Retirement Savings: We offer retirement benefits options, which vary by locatio