Technology Lead

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you’re passionate about developing your career, while helping others along the way, come join the Broadridge team. Key Responsibilities Perform regular application security assessments using automated and manual techniques, including SAST, DAST, SCA, and other relevant testing methodologies. Identify, validate, and document security vulnerabilities with clear technical details, business impact, and proof-of-concept evidence where applicable. Assess and prioritize vulnerabilities based on risk, exploitability, business impact, and alignment with Broadridge security standards. Partner with application development, DevOps, cloud engineering, and infrastructure teams to recommend and drive effective remediation strategies. Integrate and operationalize security controls and testing tools within CI/CD pipelines to enable early detection and prevention of vulnerabilities. Support and enhance DevSecOps practices by maintaining and improving security tooling within the software development lifecycle. Review application and cloud environments for security gaps related to authentication, authorization, secrets management, logging, monitoring, encryption, and network segmentation. Assess and strengthen cloud vuln management program for cloud environments, cloud-native services Identify opportunities for automation in security testing, validation, reporting, and vulnerability management processes. Collaborate with Information Security Officers, developers, infrastructure teams, and other subject matter experts during assessments and remediation efforts. Support vulnerability triage, risk analysis, exception handling, and tracking of remediation activities through closure. Contribute to the development and adoption of secure coding practices, security standards, and developer awareness initiatives. Work effectively within Agile and fast-paced engineering environments. Skill Requirements Bachelor’s degree or higher in Computer Science, Computer Engineering, Information Security, or a related technical discipline. Minimum 5 years of hands-on experience in Application Security, with at least 2 years of experience in DevSecOps or secure CI/CD implementations. Strong experience with application security, including deep understanding of common vulnerabilities, attack techniques, and secure coding practices. Hands-on experience with SAST, DAST, SCA, vulnerability assessment, and remediation validation. Strong understanding of OWASP guidance and frameworks, including OWASP Top 10, API Security, Mobile Security, CI/CD Security, and emerging considerations for LLM/Application AI security. Working knowledge of cloud security principles and Vulnerability Management, particularly in AWS and/or Azure environments. Hands-on experience with AWS security tools, services, and processes, including identity and access management, logging/monitoring, configuration review, and security best practices. Familiarity with CI/CD platforms such as Jenkins, GitLab CI, or similar, and experience integrating security tools into pipeline workflows. Strong understanding of security policies, standards, compliance, and risk management practices. Proficiency in at least one object-oriented programming language, with the ability to review code and understand application logic. Strong analytical, research, and problem-solving skills, with the ability to identify control gaps and security weaknesses. Demonstrated commitment to staying current with evolving threats, vulnerabilities, and security technologies. Familiarity with secrets management, cloud posture management, API security testing, and software supply chain security Practical exposure to security testing or controls for modern architectures, including microservices, containers, serverless, and APIs. Soft Skills Excellent verbal and written communication skills, with the ability to explain complex security concepts clearly to technical and non-technical audiences. Strong collaboration and stakeholder management skills; ability to build consensus across development, operations, and business teams. Ability to manage multiple priorities and work effectively in a dynamic environment. Strong attention to detail and a disciplined approach to analysis and documentation. Self-motivated, adaptable, and committed to continuous learning. Good to Have Experience with cloud security posture assessments and container security scanning tools. Exposure to secure SDLC programs in large enterprise environments. Experience with developer enablement, secure coding guidance, or security champion programs. Familiarity with emerging areas such as AI/LLM application security. Experience with infrastructure vulnerability scanning, scan result analysis, and vulnerability triage. Experience supporting remediation in hybrid or multi-cloud environments. Industry certifications such as CISSP, CISM, CEH, OSCP, CCSK, CCSP, or relevant cloud security certifications are a plus. Active participation in security communities, forums, research groups, or industry events. We are dedicated to fostering a collaborative, engaging, and inclusive environment and are committed to providing a workplace that empowers associates to be authentic and bring their best to work. We believe that associates do their best when they feel safe, understood, and valued, and we work diligently and collaboratively to ensure Broadridge is a company—and ultimately a community—that recognizes and celebrates everyone’s unique perspective. Use of AI in Hiring As part of the recruiting process, Broadridge may use technology, including artificial intelligence (AI)-based tools, to help review and evaluate applications. These tools are used only to support our recruiters and hiring managers, and all employment decisions include human review to ensure fairness, accuracy, and compliance with applicable laws. Please note that honesty and transparency are critical to our hiring process. Any attempt to falsify, misrepresent, or disguise information in an application, resume, assessment, or interview will result in disqualification from consideration. Broadridge Financial Solutions (NYSE: BR) is a global technology leader with trusted expertise and transformative technology, helping clients and the financial services industry operate, innovate, and grow. We power investing, governance, and communications for our clients – driving operational resiliency, elevating business performance, and transforming investor experiences. Our technology and operations platforms process and generate over 7 billion communications annually and underpin the daily average trading of over $15 trillion in equities, fixed income, and other securities globally. A certified Great Place to Work®, Broadridge is part of the S&P 500® Index, employing over 15,000 associates in 21 countries. LinkedIn Facebook Instagram Twitter YouTube Glassdoor The Muse Broadridge is committed to creating an engaging workplace for the most talented associates in our industry. We are dedicated to fostering a collaborative, inclusive, and healthy environment that promotes flexibility and accountability. As a leading provider of technology, communications, and data and analytics solutions to businesses around the world, it is critical that we understand, embrace, and operate in a multicultural environment. Every associate has unique strengths, which, when fully appreciated and embraced, allow individuals to perform at their best, leading to our success. We believe that our associates are our most important asset. Encouraging professional development opportunities is a core part of our culture. Broadridge provides educational opportunities, including formal classes, training programs and events. To enable learning in our hybrid working model, Broadridge has redesigned all development programs for 100% virtual delivery. Our associates have access to 8,500+ online courses covering business, leadership, technical, and function-specific topics through our LinkedIn Learning program.