Sign upLog in
IT Jobs

Security Engineer III - Application Security

BOK Financial Corp

Tulsa, OK

Apply
JOB DETAILS
SKILLS
Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Applications Security, Artificial Intelligence (AI), Banking Services, Bash Scripting, Best Practices, CISSP - Certified Information Systems Security Professional, Cloud Applications, Communication Skills, Computer Science, Computer Security, Continuous Deployment/Delivery, Continuous Improvement, Continuous Integration, Cross-Functional, Cryptography, Data Analysis, Data Modeling, DevOps, Elasticsearch, Establish Priorities, Finance, GCP (Good Clinical Practices), Go Programming Language (Golang), Incident Response, Information/Data Security (InfoSec), Injections, Internet Security, Investment Management, Leadership, Legal, Machine Tool, Mentoring, Metrics, Microsoft Windows Azure, Policy Implementation, Problem Solving Skills, Python Programming/Scripting Language, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Root Cause Analysis, SSL-TLS (Secure Socket Layer - Transport Layer Security), Scripting (Scripting Languages), Securities, Security Architecture, Security Information and Event Management (SIEM), Software Administration, Software Development, Software Development Lifecycle (SDLC), Splunk, Team Player, Technical Leadership, Threat Modeling, Windows PowerShell
LOCATION
Tulsa, OK
POSTED
15 days ago

Req ID: 78048

Location: Tulsa -TUL

Areas of Interest: Software Development; Information Security

Pay Transparency Salary Range: Not Available

Application Deadline: 07/31/2026

BOK Financial Corporation Group includes BOKF, NA; BOK Financial Securities, Inc. and BOK Financial Private Wealth, Inc. BOKF, NA operates TransFund and Cavanal Hill Investment Management, Inc. BOKF, NA operates banking divisions: Bank of Albuquerque; Bank of Oklahoma; Bank of Texas and BOK Financial.

Bonus Type

Discretionary

Summary

Our team operates at the forefront of innovation, vigilance, and strategic risk management. We combine deep industry expertise with advanced analytics and a disciplined approach to proactively identify and mitigate emerging threats across the organization. Through continuous monitoring, comprehensive assessments, and strong cross-functional partnerships, we deliver tailored security solutions that strengthen BOKF's resilience.

We are passionate about advancing security maturity across the enterprise-collaborating closely with teams to provide actionable insights, champion best practices, and enhance controls. Our work empowers BOKF to pursue its strategic goals with confidence in an evolving threat landscape.

Job Description

As an Application Security Engineer III, you will play a key leadership role in advancing BOKF's application security posture. You will drive the implementation and optimization of security capabilities across the Application Protection portfolio, including WAF, API security, DAST, SAST, IaC, SCA, and SIEM/SOAR.

In this role, you will lead threat modeling and vulnerability assessments for internally developed applications and APIs, design and implement custom security policies and controls, and guide the response to application-layer incidents. You will serve as a subject matter expert, mentoring junior engineers while contributing to the design of advanced detection and prevention strategies.

You will stay ahead of evolving threats-including OWASP Top 10 risks, API vulnerabilities, and software supply-chain attacks-and apply that knowledge to strengthen defenses. The role also includes performing forensic and root cause analysis, partnering with risk, legal, and compliance teams to support regulatory requirements, and developing custom code to enhance application security capabilities.

As BOKF embraces AI-enabled development and security tooling, you will leverage approved AI capabilities to accelerate workflows while ensuring accuracy, safeguarding sensitive data, and maintaining strong governance. You will also assess and mitigate risks associated with AI/LLM-enabled applications and third-party services, including prompt injection, data leakage, and insecure integrations, while helping implement effective monitoring and controls.

Team Culture

Our team thrives in a dynamic and collaborative environment where curiosity, ownership, and continuous improvement are foundational. We encourage innovative thinking, open knowledge-sharing, and proactive problem-solving.

By working together to address complex security challenges, team members are empowered to expand their expertise, influence meaningful outcomes, and shape the future of application security at BOKF. Our strong partnerships across the organization and commitment to excellence ensure we remain resilient and forward-looking.

How Youll Spend Your Time

  • You will lead the design and implementation of advanced application security architectures and controls across the SDLC, including secure CI/CD guardrails.
  • You will conduct threat modeling and in-depth vulnerability assessments for applications and APIs, partnering with stakeholders to prioritize remediation.
  • You will develop, tune, and maintain application security controls, including WAF/API policies and DAST/SAST/SCA/IaC scanning capabilities.
  • You will oversee application-layer incident response, including triage, containment, and forensic/root cause analysis.
  • You will evaluate and define security controls for AI/LLM-enabled features and integrations, including risks related to data protection, model trust, and misuse scenarios.
  • You will leverage AI-enabled security tools to enhance detection, analysis, and response while validating outputs and protecting sensitive data.
  • You will provide technical leadership by mentoring team members and leading initiatives through successful delivery with minimal oversight.
  • You may perform other duties as assigned.

Education & Experience Requirements

This role typically requires a Bachelor's degree in Information Security, Computer Science, or a related field, along with 5+ years of experience in Cyber Security or a related technical discipline; alternatively, 7+ years of relevant experience may be considered in lieu of a degree.

A Master's degree, CISSP, or equivalent certifications are preferred.

____

Skills

  • Advanced expertise in configuring and optimizing application security tools (WAF, API security, DAST, SAST, IaC, SCA, SIEM/SOAR) to deliver effective and scalable protection.
  • Strong understanding of application threat intelligence and the ability to identify and mitigate both known and emerging attack vectors.
  • Proven experience leading application security incident response, including triage, containment, and root cause analysis.
  • Demonstrated ability to lead cross-functional initiatives involving development, DevOps, and risk teams.
  • Excellent analytical and problem-solving skills, with a structured approach to complex challenges.
  • Advanced scripting capabilities (e.g., Python, Bash, Go, PowerShell) to automate security processes and workflows.
  • Experience securing CI/CD pipelines and cloud-native applications across AWS, Azure, and GCP.
  • Strong knowledge of cryptography, TLS, secrets management (e.g., HashiCorp Vault), and key lifecycle management.
  • Ability to clearly communicate complex security concepts to both technical and non-technical stakeholders.
  • Experience leveraging data analysis tools (e.g., Splunk, Elasticsearch, Excel) to drive insights and metrics.
  • Deep understanding of application risk management principles and mitigation strategies.
  • Familiarity with AI/LLM security risks (e.g., prompt injection, data leakage, supply-chain risk) and practical implementation of controls.
  • Ability to use AI-assisted tools responsibly to enhance productivity while validating results and protecting sensitive information.

BOK Financial Corporation Group is a stable and financially strong organization that provides excellent training and development to support building the long term careers of employees. With passion, skill and partnership you can make an impact on the success of the bank, customers and your own career!

Apply today and take the first step towards your next career opportunity!

The companies in BOK Financial Corporation Group are equal opportunity employers. We are committed to providing equal employment opportunities for training, compensation, transfer, promotion and other aspects of employment for all qualified applicants and employees without regard to sex, race, color, religion, national origin, age, disability, pregnancy status, sexual orientation, genetic information or veteran status.

Please contact recruiting_coordinators@bokf.com with any questions.

About the Company

B

BOK Financial Corp

We began in 1910 as a regional source of capital for the energy industry; we’ve become one of the strongest, most vibrant financial institutions in the country, fueling economic growth and security across the American Midwest and Southwest. From our roots in Tulsa, Oklahoma, we’ve grown into a leading provider of sophisticated financial solutions to businesses, institutions and individuals across the country.

We are nimble and responsive to changing market and industry conditions, while taking time to build enduring relationships with our clients.

We believe that no financial challenge is too big and no opportunity too small to make an impact. We are guided by our commitment to serving our clients, providing a positive work environment for our employees and making a difference in the communities we serve.

COMPANY SIZE
5,000 to 9,999 employees
INDUSTRY
Banking
WEBSITE
http://www.bokf.com

Similar Job Searches

Application Analyst JobsComputer Consultant JobsComputer Operator JobsComputer Specialist JobsComputer Systems Specialist JobsComputer Technician JobsImplementation Consultant JobsImplementation Specialist JobsInformation Analyst JobsInformation Architect Jobs