Junior Application Security Engineer

Pampered Chef is a company dedicated to ensuring secure software deployment and reducing information security risks. The Junior Application Security Engineer will collaborate with various teams to adopt secure development practices, manage vulnerabilities, and respond to security incidents.

Responsibilities

• Secure Development – Build strong relationships across product management and software engineering teams. Drive adoption of secure software development lifecycle practices across the areas of secure architecture and design, secure coding, security testing, and secure software release management
• Vulnerability Management – Analyze scan results, prioritize findings, and collaborate with software engineering teams to remediate security flaws
• Penetration Testing – Knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development
• Infrastructure Security - Works closely with the Infrastructure and Application Development teams to ensure proper configurations are implemented and tested on WAF, FW, IDS/IPS and platform
• Incident & Cyber Threat Management – Works with the appropriate teams to ensure all appropriate data is aggregated into the logging and monitoring tool and that the appropriate reports are produced and reviewed
• Security Review – Be a liaison to perform security reviews for architecture changes across the technology stacks. Identify risks and collaborate with stakeholders to remediate risks to meet the requirements set in place by the security team
• Incident Response – Perform investigative tasks in response to alerts. Look for indicators of compromise, preserve data and collaborate with members of the security team throughout the incident response process

Skills

• Bachelor's in Computer Science or Information Security
• 1 to 3 years of experience in technology and development, with a specialty in security in a complex environment, focusing on protecting intellectual property and sensitive data
• Direct experience with at least one CI/CD platform
• Direct experience with application testing (e.g., SAST, DAST, IAST)
• Direct experience in application vulnerability management processes
• Working knowledge of current software development methodologies
• Working knowledge of OWASP Top 10 and CWE 25
• Working knowledge of programming languages and scripting
• Working knowledge of software design lifecycle
• Working knowledge of web and app security stack (e.g., API security)
• Working knowledge of cloud security concepts and technologies
• Working knowledge of authentication and authorization flows in web applications
• Penetration Testing (Network layer, application layer)
• Basic understanding of threat modeling
• Basic understanding of network security (e.g, WAF, Micro-segmentation)
• Demonstrate the ability to articulate complex technical scenarios to a non-technical audience clearly

Benefits

• Medical, dental, and vision insurance
• Company-paid life insurance with additional voluntary coverage options
• Disability insurance
• Additional voluntary benefits
• 401k match
• Flex PTO
• Paid Parental Leave
• 30%+ discount on Pampered Chef Products and product giveaways

Company Overview

Company H1B Sponsorship