Application Security Engineer at iHerb

Orange County
Sorry, this job was removed at 3:34 p.m. (PST) on Tuesday, April 21, 2020

Job Summary:

The Application Security Engineer executes routine information security operations activities related to deploying, monitoring, analyzing, improving and troubleshooting a Secure Systems Development Life Cycle (S-SDLC). With guidance from management and senior staff, supports the implementation of appropriate application and information security procedures and products. Assists senior staff in the evaluation, development, implementation and operational aspects of security standards, procedures and guidelines for multiple platforms and diverse systems environments.

Job Expectations: 

  • Perform threat modeling, design reviews and code reviews of new Web, API and Mobile Applications.
  • Manage remediation of any findings from internal or external assessments.
  • Integrate security tools (e.g., DAST, SAST, SCA, etc.) in the delivery pipeline and the S-SDLC process.
  • Assist in the review, monitoring and/or auditing of applicable daily Security Log Activity and Events. Take action as necessary; escalate to senior staff if required.
  • Monitor and Maintain Application Security training and related awareness campaigns: Champion the Security & Privacy Awareness Program for Application Development
  • Support our compliance programs (such as PCI) by helping implement and document controls, examining evidence for compliance with standards and performing recurring pen-tests of applications in scope.
  • The duties and responsibilities described above may provide only a partial description of this position. This is not an exhaustive list of all aspects of the job. Other duties and responsibilities not outlined in this document may be added as necessary or desirable, with or without notice.

Knowledge, Skills and Abilities:

Required:

  • Ability to work in a fast paced, rapidly changing environment and a strong desire to learn
  • Deep knowledge of OWASP Top 10 (2013 and/or 2017 Version) vulnerability detection and mitigation
  • Knowledge of common scripting and application development languages (e.g. PowerShell, C#, Python, T-SQL etc.) and/or the ability to learn is required
  • Demonstrate an understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance
  • Understanding of PCI-DSS, EU GDPR and CCPA
  • Knowledge of researching, analyzing and recommending information security solutions
  • Knowledge of and experience in Key Management Administration for encryption keys and secrets
  • A working knowledge of information security practices and concepts including intrusion detection/prevention, access controls, risk analysis, vulnerability scanning, and data encryption
  • High degree of accuracy and attention to detail
  • Excellent organization skills and ability to multitask
  • Strong knowledge of information systems and networking is required, at least on a conceptual level.

Experience Requirements:

  • 5+ years experience with application and network security
  • Experience with various tooling in the Application Security space
  • Experience identifying, assessing, and remediating technical security vulnerabilities
  • Strong organizational, excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.

Education Requirements: 

  • Bachelor’s Degree or higher in Information Technology, Information Security, Computer Science, or a related field strongly preferred. Demonstrable strong experience may be considered as a replacement for a college degree.
  • Advanced industry certification strongly desired, e.g. SANS GIAC (CEH - Certified Ethical Hacker or GXPN - Exploit Researcher and Advanced Penetration Tester are preferred), Offensive Security Certified Professional (OSCP), CompTIA Security+, CISSP.


Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • Languages: .NET, C#, Javascript, Sql
    • Libraries: jQuery, jQuery UI, React, Redux, Twitter Bootstrap
    • Frameworks: AngularJS, ASP.NET, Hadoop, Node.js, Spark
    • Databases: Cassandra, Maria DB, Microsoft SQL Server, MongoDB, Redis
    • Analytics: Google Analytics, Optimizely
    • Design: Balsamiq, Illustrator, InVision, Photoshop, Sketch, UXPin
    • Management: Asana, Confluence, JIRA, Microsoft Project, Smartsheet
    • CRM: Iterable
    • Email: Iterable
    • Lead Gen: Google Analytics, Google Data Studio, Tableau

Location

Pasadena is known for its charm, sophistication and the best night life this side of LA! Tech is in Irvine, one of America's best places to live!

An Insider's view of iHerb

What's something quirky about your company?

“Everyone is really different, nice and cool to be around. People are comfortable to be themselves, which is not common.”

Chris

Software Development Engineer I (SCS)

What's the biggest problem your team is solving?

“Most of the challenges stem from the extreme growth of the company in addition to keeping up with the technological advances in the market. We migrate and change quickly to adapt, which is the fun part because we are continuously learning.”

Alina

Senior Software Development Engineer (SCS)

What makes someone successful on your team?

"A top performer on my team is really exceptional at a few things above and beyond the skills to do their work. Building relationships, adapting to the environment as it changes, and acting with urgency are these key abilities that enable them to achieve rapid growth in their career at iHerb."

Sara

Product Manager

How do you empower your team to be more creative?

"More so than empowering individuals, you have to hire the right people, trust them and let them do what they are good at.”

Al

Director of Software Development & Platform (SCS)

What makes someone successful on your team?

"Collaboration, feedback and creative freedom contribute to our team's success. Collaborating and receiving feedback ensures the content of our projects is accurate and effective. We are also given the freedom to approach our projects however we see fit — this flexibility allows us to create learning materials that are engaging and interesting."

Nina

Curriculum Developer

What are iHerb Perks + Benefits

iHerb Benefits Overview

Perks include snack and beverage stations, on-site gym, video arcade room, sand volleyball court, team happy hour and networking events and more. iHerb is dedicated to providing comprehensive medical, dental and vision plans by contributing up to 80% of the monthly costs associated.

Culture
Volunteer in local community
iHerb is committed to helping great causes here at home and around the world. We partner with organizations like the Boys and Girls Club, Susan G Komen, Ronald McDonald House, Exceed, etc.
Partners with Nonprofits
Worldwide, we’ve donated over $5 million. iHerb facilitates two schools in Cambodia in addition to supporting the Cambodian Children's Fund and New Hope Cambodia in support of children's education.
Friends outside of work
Eat lunch together
Intracompany committees
iHerb's iFit and iFocus teams are dedicated to organizing company events in addition to creating wellness programs and initiatives. The overall health and wellness of our team members is a priority!
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Highly diverse management team
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
iHerb Team Members can contribute up to $2700 annually to their FSA.
Disability Insurance
iHerb offers both short and long term disability coverage for its Team Members.
Dental Benefits
iHerb contributes 75% of the monthly costs associated with Cigna DHMO or Cigna DPPO dental plans.
Vision Benefits
Health Insurance Benefits
iHerb contributes up to 80% of the monthly costs associated with Blue Shield's HMO, HMO+, PPO and HDHP health plans.
Life Insurance
iHerb provides all full-time Team Members with a 100% company-paid $50,000.00 Life/AD&D policy. In addition, Team Members have the option to elect additional Life/AD&D coverage plans.
Pet Insurance
Wellness Programs
Onsite Gym
Team workouts
iHerb's team fitness initiatives include in-office yoga and in-office fitness classes.
Retirement & Stock Options Benefits
401(K)
401(K) Matching
iHerb contributes a 100% match up to 4% of the Team Member's election.
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Family Medical Leave
Company sponsored family events
iHerb invites employees and their family members to attend a local minor league baseball game every summer.
Vacation & Time Off Benefits
Generous PTO
iHerb employees receive up to 20 days per year of paid time off based on years of service.
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Company Outings
iHerb hosts company outings throughout the year (varies by location).
Game Room
Our game room includes Ping Pong, Foosball and Video Games.
Stocked Kitchen
Happy Hours
Happy hours are hosted on occasion.
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
iHerb offers employees professional development opportunities like the ability to attend job related conferences and seminars.
Tuition Reimbursement
Our tuition reimbursement plan offers an annual max of $5250 with a maximum total match of $5250.
Lunch and learns
Cross functional training encouraged
Promote from within
Continuing Education stipend
Online course subscriptions available