AppSec Jobs
← Back to all jobs

University of Minnesota

Application Security Engineer

Minneapolis, MNWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About University of Minnesota

The University of Minnesota (UMN) is a public land-grant research university system established in 1851. Its flagship campus is located in the Twin Cities of Minneapolis-St. Paul, with additional campuses in Crookston, Duluth, Morris, and Rochester. UMN is recognized for its comprehensive approach to education, focusing on research, teaching, outreach, and public service to address societal challenges. The university has a rich history, having evolved from a preparatory school to a full university by 1869. It offers a wide range of academic programs, granting bachelor's, master's, and doctoral degrees across various fields, including liberal arts, sciences, education, business, and medicine. UMN emphasizes public education and research, preparing students for a global society through partnerships and outreach initiatives.

Industry

higher education

Employees

28,000

588 engineers

Revenue

$5.1B

Website

Visit →

Security at University of Minnesota

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • The University of Minnesota's AppSec philosophy is defined by a mandate to safeguard information assets by embedding security into every phase of the software development lifecycle.
  • They prioritize developer enablement through automation and collaboration, aiming to make security a seamless part of development rather than a manual gate.
  • Risk management is centralized under the CISO, with a focus on defining baseline metrics to measure application risk posture.

Security Team

  • The AppSec function is part of the University Information Security (UIS) department.
  • It is led by Chris Herdt, the Interim Chief Information Security Officer, who reports to the CIO.
  • The team is estimated to have approximately 7 members with specialized AppSec skills.
  • The team is currently hiring to expand its technical capabilities in automated scanning and threat modeling.

Key Initiatives

  • Current initiatives include the implementation and optimization of DAST and SAST tools to scan university web applications and the integration of security controls into CI/CD pipelines.
  • The team is also focused on leading threat modeling exercises with development teams to identify risks early in the design phase.
  • Policy-driven initiatives include monitoring dependencies for vulnerabilities and prohibiting the deployment of software that fails security requirements.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.