Application Security Engineer
StockX
- USA
- $120,000-145,000 per year
- Permanent
- Full-time
- Assist software development architects on secure coding and architecture practices
- Assist with metric collection and application methodologies for internal information risk management efforts
- Consult with teams to ensure data is properly handled throughout our environment
- Collaborate with business, technology, project management, architecture and information security teams to deliver secure solutions that support our business
- Serve as a liaison between the business and IT for technical security projects
- Stay current on information security practices
- Perform qualitative risk assessments on systems and applications
- Work with information security analysts to ensure visibility and security controls are implemented and maintained
- Enhance technologies and processes for information security analysts
- Participation in one or more of the following:
- Maintaining the organization's security information tools (AlienVault, Snyk, GitGuardian, ServiceNow, etc)
- Conducting code reviews and assisting with remediations across multiple apps and services (PHP, React, iOS, Android, NodeJS, etc)
- Help drive the shift left movement within StockX by implementing tooling within our CI/CD pipelines (DevSecOps)
- Driving best practices for AWS Cloud Security in greenfield projects, reviewing current practices, and auditing current policies/infrastructure
- Serving as a liaison between Compliance and Engineering to ensure we are meeting our regulatory requirements
- 3 years in a technical IT security role
- GIAC, GSEC, OSCP or other security certifications preferred
- Experience with web application security, including OWASP Top 10 vulnerabilities
- Familiarity with SecDevOps and CI/CD best practices
- Knowledge of cloud security, including AWS
- Knowledge of container security, including Docker or Kubernetes
- Excellent communication and interpersonal skills
- Strong problem-solving skills and attention to detail
- Willingness to learn and get up to speed quickly.
- Excellent analytical, organizational, and communication skills. Ability to say No.
- Experience and ability to mentor senior and junior engineers in the team for best outcomes.