Application Security Engineer

Hudson's Bay Company New York , NY 10007

Posted 3 weeks ago

job description:

Who We Are:

HBC is a diversified global retailer, focused on driving the performance of high quality stores and their all-channel offerings, growing through acquisitions, and unlocking the value of real estate holdings.

Founded in 1670, HBC is the oldest company in North America. Our portfolio today includes formats ranging from luxury to premium department stores to off price fashion shopping destinations, with more than 480 stores and over 66,000 employees around the world.

Our leading banners across North America include Hudson's Bay, Saks Fifth Avenue, and Saks OFF 5TH.

We have significant investments in real estate joint ventures. HBC has partnered with Simon Property Group Inc. in the HBC Global Properties Joint Venture, which owns properties in the United States and Germany. In Canada, HBC has partnered with RioCan Real Estate Investment Trust in the RioCan-HBC Joint Venture.

A truly global corporate citizen, HBC is committed to responsible business practices to bring about positive change, and we work hard to shape a sustainable future for people and the planet. Our philanthropic initiatives help create healthy families, strong communities, and sport excellence in the cities and countries in which we operate around the world, while striving to create innovative programs and resources that provide flexibility for work-life balance in order to maintain a positive working environment.

What This Position Is All About:

The Application Security Engineer will need to be a highly motivated self-starter with excellent problem-solving skills, flexibility, good judgment and the ability to coordinate multiple, concurrent tasks in an effective manner. In this position, the Application Security Engineer will be responsible for designing, developing, and integrating solutions. You will also work with internal engineering teams to ensure that systems are functional, secure, scalable, and resilient.

Who You Are:

  • Experience with fundamental web application security concepts such as OWASP

  • Experience with mobile application security and API security concepts

  • Experience with API testing tools such as Burp Suite or Postman

  • Experience with Quantitative Data Analysis

  • Experience with AWS or Azure Cloud(s)

  • Experience with Application & Cloud Security principles

  • Experience with SDLC, CI/CD tools, and Deployment Automation

  • Experience with configuration management, version control and DevOps operation support

  • Experience with writing code (Python, Java, Bash, etc)

  • Experience with the basic concepts of Docker containerization and Kubernetes orchestrators

  • Experience with the basic concepts of at least one compliance framework (PCI, NIST, CSA, etc)

As An Application Security Engineer:

  • You will assist with the development of engineering security standards, best practices for the organization, and drive security awareness

  • You will collaborate with DevOps and other Information Security teams to automate, codify (Security/Infrastructure as Code), and build secure engineering practices & resiliency

  • You will function as the primary Subject Matter Expert for HBC's Application Security program

  • You will analyze, develop, install and configure security tools, frameworks, and systems

  • You will discover and resolve vulnerabilities using a data & risk based approach

  • You will act as a key figure for security testing, vulnerability analysis / triage, and resolution tracking

  • You will develop comprehensive documentation, reports and presentations

  • You will participate in key operational meetings and take notes to present to stakeholders

  • You will participate in operational on-calls as needed, to support multiple 24/7 geo-distributed environments

  • You will develop strategies to respond to and recover from security incidents

Your Life and Career at HBC:

  • Be part of a diverse world-class team; work with an adventurous spirit; think and act like an owner-operator!

  • Exposure to rewarding career advancement opportunities, from retail to supply chain, to digital or corporate.

  • A culture that promotes a healthy, fulfilling work/life balance.

  • Benefits package for all eligible full-time employees (including medical, vision and dental).

Thank you for your interest with HBC. We look forward to reviewing your application.

HBC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, HBC complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

HBC welcomes all applicants for this position. Should you be individually selected to participate in an assessment or selection process, accommodations are available upon request in relation to the materials or processes to be used.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Application Security Engineer


Posted 3 weeks ago

VIEW JOBS 4/17/2021 12:00:00 AM 2021-07-16T00:00 Our Team: The Product Security team is dedicated to making our products and technologies as secure as possible. We report into the CISO, but work closely with engineering teams, product teams, and others across the organization to integrate security into the product life cycle from design through deployment. Our colleagues depend on us to be application, network, and host security pros. We specialize in defining security requirements, performing application security assessments, and providing developers with remediation advice. On any given day we're performing security reviews on internal and third party applications, evaluating a proposed network change, or providing guidance on security/coding best practices. What's the Role? As an Application Security Engineer, you will conduct security assessments driven by the output from our automated Static and Dynamic Application Security Testing (SAST/DAST) pipelines. You will be responsible for verifying the validity of SAST and DAST findings, as well as using your app sec instincts to dive deeper into areas identified via our automated scanning processes. After identifying vulnerabilities you will collaborate with development teams to assist in understanding the associated risks as well as guide remediation. We'll Trust You To: * Validate vulnerabilities identified by SAST and DAST tools * Provide remediation guidance to developers and technical managers * Develop custom security tools and processes used by security teams You'll Need to Have: * Familiarity with common security vulnerabilities and attack vectors * Experience with Python coding * Experience reading and understanding C/C++ code * The ability to communicate complicated technical issues and risks to programmers and non-technical stakeholders We'd Love to See: * SAST Tool experience * Experience as a highly technical information security consultant. * Developer experience, particularly with Python or C/C++ If this sounds like you: Apply if you think we're a good match. We'll get in touch to let you know what the next steps are. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Bloomberg New York NY

Application Security Engineer

Hudson's Bay Company