Application Security Engineer

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified not verified - source not recorded; timestamp not recorded

401(k) match

Not verified

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Application Security Engineer United States of America - Remote / Home Office Job Summary: The Application Security Engineer will help with our Secure Development Lifecycle assurance processes, our security automation technologies, drive the security hardening strategy across our product and respond to current and emerging security threats. This role will contribute tremendously to our Product Security team working with development teams globally to define new security capabilities, and partnering with leaders across the organization to deliver company-wide security initiatives. Job Expectations: - Drive cross-functional projects and establish cutting-edge security development lifecycle practices - Lead security design reviews and threat modeling for new and existing services at iHerb - Evaluate, prototype, implement, and operate security-focused tools and services - Develop new secure architecture standards, frameworks and patterns spanning multiple layers - Understand and analyze emerging security threats, determining applicability to iHerb and proactively implement centralized mitigations - Evaluate, prototype, implement, and operate security tools and services (DAST, SAST, SCA...) - Maintain a strong knowledge of current security threats and operational best practices - Take part in our security assessment, penetration testing and bug bounty programs - Participate in security incident response The duties and responsibilities described above may provide only a partial description of this position. This is not an exhaustive list of all aspects of the job. Other duties and responsibilities not outlined in this document may be added as necessary or desirable, with or without notice. Knowledge, Skills and Abilities: Required: - Demonstrated technical foundation - Solid understanding of

Read the full description at job-boards.greenhouse.io. FewerJobs shows a source-linked preview and links to the original posting.