• Application Security Engineer

    Location US-ID-Meridian
    Posted Date 3 weeks ago(3/5/2019 11:30 AM)
    Job ID
  • Overview

    Scentsy is looking for an Application Security Engineer to identify and assist with remediation of security issues within Scentsy software products and services. The ASE will serve as the primary security contact for development teams and promote secure development practices within all phases of the Software Development Lifecycle (SDLC).


    What You Would Do:

    • Develop, implement, and improve the Application Security program
    • Conduct regular security assessments of enterprise applications in the form of static code analysis, dynamic application scanning, and penetration testing
    • Conduct code reviews for security flaws on major projects and suggest appropriate fixes
    • Develop mitigation plans and reports around identified vulnerabilities
    • Develop secure coding guidelines
    • Develop and deliver application security training within Scentsy
    • Apply a deep understanding of application security threats and protection mechanisms to enterprise development projects and solutions
    • Provide security consulting and advice to enterprise development teams
    • Conduct threat modeling on new projects and initiatives
    • Serve as primary consultant for product security
    • Develop programs, scripts, or solutions to improve Cybersecurity operations
    • Conduct security reviews of 3rd party software solutions, products, and vendors
    • Implement solutions based on industry best practices
    • Validate, address, and document responses to security findings from third-party penetration testing engagements
    • Champion and evangelize security throughout the company
    • Recommend security enhancements, purchases, and process improvements
    • Mentor less experienced team members
    • Perform all other assigned tasks and requirements as needed

    Our Ideal Candidate Has:

    • 3 years of application Security experience or Enterprise Software Development
    • Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Objective C, Python, JavaScript, or Go
    • Experience in Application Security, Cryptography, Network Security, Systems Security, or Malware Analysis
    • Bachelor’s degree in Computer Science, Computer Engineering, or related area of study, or equivalent experience

    We Expect That You:

    • Maintain up-to-date body of knowledge around information security and secure coding standards
    • Maintain familiarity with relevant compliance standards such as PCI DSS (Payment Card Industry Data Security Standard)
    • Enhance department and organization reputation by accepting ownership for accomplishing new and different requests and exploring opportunities to add value to job accomplishments
    • Maintain professional and technical knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
    • Think entrepreneurially and outside the box
    • Adhere to all established procedures, policies, and safety rules as outlined by the Company
    • Work 40 hours/week; some overtime may be required
    • Position may occasionally require the need to work nights, weekends, holidays, and on-call shifts, based on business needs

    You Should Have:

    • Familiarity with the Open Web Application Security Project (OWASP) Top Ten
    • Ability to work with multiple technology platforms and application stacks
    • Knowledge of security audit processes
    • Ability to communicate effectively to a variety of technical and non-technical audiences
    • Strong peer mentoring skills
    • Results orientated, business focused, and successful interfacing across multiple organizational units, at various levels
    • Ability to work collaboratively across all Information Technology teams
    • Ability to work accurately, efficiently, and independently on detailed orientated task
    • Ability to prioritize and direct others work
    • Excellent written and oral communication skills
    • Ability to think critically, troubleshoot and solve complex problems, and make decisions quickly and independently that impact the company
    • Strong organizational, analytical, and interpersonal skills
    • Working knowledge of computers and all applicable software including 3rd party Information security solutions
    • Ability to develop, oversee, and manage large programs from implementation through to completion
    • Ability to work at a computer station and view a computer screen for extended periods of time
    • Work is generally sedentary in nature but may require walking or standing up to 10% of the time


    <p style="margin: 0px;"><span style="font-size: 10pt;">Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.</span></p>
    Share on your newsfeed