Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
View Full Job Details on LinkedInAbout Edward Jones
Edward Jones is a prominent U.S. financial services firm founded in 1922 in St. Louis, Missouri. With around 55,000 employees and $16.3 billion in revenue, it manages approximately $2.2 trillion in client assets. The firm is the largest in the U.S. by the number of financial advisors and operates over 15,000 branch locations across North America. The company specializes in investment advisory services for individual investors and business owners. Its offerings include investment management, portfolio management, securities brokerage, and insurance services. Edward Jones focuses on a solutions-based approach tailored to the unique needs of its nearly 9 million clients. The firm has a strong presence in both urban and rural markets, having expanded significantly since its inception. Edward Jones is known for its commitment to treating associates as partners and maintaining a culture of fairness and quality in client service.
Security at Edward Jones
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Edward Jones views security as a business accelerator rather than a hurdle, balancing risk reduction with delivery enablement.
- The team is committed to 'secure-by-design' engineering practices embedded into platform and product delivery.
- A major current goal is establishing enterprise standards for the secure use of AI developer tools.
- The stated AppSec mission is to lead the enterprise strategy and execution of secure software delivery.
Security Team
The Head of Application Security reports directly to the CISO. Key public-facing leaders include Mike Gibbons (Chief Information Security Officer, joined July 2014) and Wayne Fajerski (Deputy CISO). As of April 2, 2026, there is 1 active AppSec job posting for Head of Application Security. The team emphasizes SDLC embedding, automated testing (SAST/SCA), and SBOM management. Specific information on exact team size and the breakdown of embedded vs. centralized engineers is not publicly available.
Key Initiatives
- Security is integrated directly into the development pipeline with adoption of automated security testing (SAST, SCA, secrets detection).
- The vulnerability management process includes penetration testing and focuses on cross-team partnership with enterprise vulnerability management and incident response teams. The team is actively implementing supply chain security measures including SBOM generation, validation, storage, and continuous monitoring.
- Recent initiatives include implementation of AI developer tool standards.
- No security champions program or bug bounty details are publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.
Interested in this role?
Apply on LinkedIn