Junior Application Security Engineer

Apply

Description

The Junior Application Security Engineer plays a critical role in completing our mission every day by ensuring that Pampered Chef maintains and deploys new software/systems in a secure manner to reduce information security risks. The Junior Application Security Engineer acts as the evangelist for cybersecurity throughout Information Technology, consulting with the application development and infrastructure teams on secure systems and applications design.

What You'll Do

• Secure Development- Build strong relationships across product management and software engineering teams. Drive adoption of secure software development lifecycle practices across the areas of secure architecture and design, secure coding, security testing, and secure software release management.
• Vulnerability Management- Analyze scan results, prioritize findings, and collaborate with software engineering teams to remediate security flaws.
• Penetration Testing- Knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development.
• Infrastructure Security- Works closely with the Infrastructure and Application Development teams to ensure proper configurations are implemented and tested on WAF, FW, IDS/IPS and platform
• Incident & Cyber Threat Management- Works with the appropriate teams to ensure all appropriate data is aggregated into the logging and monitoring tool and that the appropriate reports are produced and reviewed.
• Security Review- Be a liaison to perform security reviews for architecture changes across the technology stacks. Identify risks and collaborate with stakeholders to remediate risks to meet the requirements set in place by the security team.
• Incident Response- Perform investigative tasks in response to alerts. Look for indicators of compromise, preserve data and collaborate with members of the security team throughout the incident response process.

What Success Looks Like

• Delivery on information security roadmap and projects
• Number of vulnerabilities and issues validated and remediated
• Operating and maturing a secure SDLC program

Requirements

What We're Looking For

• Bachelor's in Computer Science or Information Security
• 1 to 3 years of experience in technology and development, with a specialty in security in a complex environment, focusing on protecting intellectual property and sensitive data.
• Direct experience with at least one CI/CD platform
• Direct experience with application testing (e.g., SAST, DAST, IAST)
• Direct experience in application vulnerability management processes
• Working knowledge of current software development methodologies
• Working knowledge of OWASP Top 10 and CWE 25
• Working knowledge of programming languages and scripting
• Working knowledge of software design lifecycle
• Working knowledge of web and app security stack (e.g., API security)
• Working knowledge of cloud security concepts and technologies
• Working knowledge of authentication and authorization flows in web applications
• Penetration Testing (Network layer, application layer)
• Basic understanding of threat modeling
• Basic understanding of network security (e.g, WAF, Micro-segmentation). Demonstrate the ability to articulate complex technical scenarios to a non-technical audience clearly

What We're Offering

Compensation, benefits, and logistics

The anticipated salary range for this position starts at $55,000-65,000 annually, depending on experience and qualifications. This role is eligible for a performance-based bonus based on individual and company performance.

This position includes a comprehensive benefits package, which includes:

• Medical, dental, and vision insurance
• Company-paid life insurance with additional voluntary coverage options
• Disability insurance
• Additional voluntary benefits
• 401k match
• Flex PTO
• Paid Parental Leave
• 30%+ discount on Pampered Chef Products and product giveaways

Pampered Chef follows a hybrid schedule in Addison, IL. The expectation is that employees be in the office on Tuesday, Wednesday, and Thursday each week.