[Remote] Senior IT Application Security Engineer
Note: The job is a remote job and is open to candidates in USA. Meijer is a family company committed to serving people and communities, and they are seeking a Senior IT Application Security Engineer. This role involves leading application security initiatives, mentoring team members, and ensuring secure coding practices throughout the software development life cycle.
Responsibilities
- Develop and provide presentations on application security topics to both technical and non-technical audiences
- Advise executive leadership on current and evolving threats to enable risk-informed decisions
- Mentor members of the information security team on matters of application security
- Facilitate third-party penetration tests, triage findings, and create remediation plans with development teams
- Provide tailored remediation guidance to software developers to address security findings
- Provide architectural and security guidance for third-party platforms and services as they integrate into Meijer environments and/or code
- Review the security of third-party/open-source software used by Meijer
- Provide risk-based analysis of security posture to drive business decisions
- Foster relationships with key business partners to create a culture of security and achieve prioritization of security initiatives
- Develop internal security tooling for identifying or remediating security risks
- Assist/lead on matters of application security in the event of an incident
- This job profile is not meant to be all inclusive of the responsibilities of this position. May perform other duties as assigned or required
Skills
- Bachelor's degree or above in Computer Science, Information Security, or related field
- At least four years of professional experience, with at least two years in a security field and at least one year with direct experience writing code
- Familiar with object-oriented programming and have written code in one or more programming languages (e.g. C#, Java, C++)
- Familiarity with secure coding best practices such as the OWASP Top 10
- Knowledge of common application architectures and the relative risks associated with them (e.g. single page apps, client-server, native mobile, microservices)
- Foundational knowledge of security practices in several applied contexts, e.g. networking, cloud infrastructure, containerization, operations, audit, or governance
- Knowledge of relevant technology, tools, databases, and development techniques
- Strong focus on team dynamics and interpersonal relationships
- Strong sense of task ownership with consistent follow-through
- Ability to anticipate risks and devise solutions with limited information or context
- Excellent project management, organization, and team collaboration skills
- Curiosity to learn
- Capable of defining and measuring key performance indicators
- Able to work cross-functionally with IT and business partners across all areas of Meijer and vendor partners
- Adaptive, flexible, and responsive to challenges
- Awareness of how security controls influence both internal stakeholders and Meijer customers
- Agile/Scrum, SAFe, or Lean certification preferred
- SANS/GIAC, CompTIA, ISC2 (e.g. CISSP) or other applicable industry certifications preferred
Benefits
- Weekly pay
- Team member discount
- 401(k) with company contributions
- Paid parental leave
- Paid education assistance
- Development programs for advancement and career growth
- Medical/dental/vision
- Life insurance
- Disability leave
- Paid time off (PTO)
- Childcare subsidy
- Free education
Company Overview
Company H1B Sponsorship