Junior Application Security Engineer at iHerb

| Orange County
Sorry, this job was removed at 9:50 a.m. (PST) on Thursday, September 3, 2020
Find out who's hiring in Los Angeles.
See all Developer + Engineer jobs in Los Angeles

Job Summary: 

The Junior Application Security Engineer executes routine information security operations activities related to deploying, monitoring, analyzing, improving and troubleshooting a Secure Systems Development Life Cycle (S-SDLC) and resulting first-party application. With guidance from management and senior staff, supports the implementation of appropriate application and information security procedures and products. Assists senior staff in the evaluation, development, implementation and operational aspects of security standards, procedures and guidelines for multiple platforms and diverse systems environments.

 

Job Expectations: 

  • Assist in threat modeling, scanning, and testing of Web, API’s and Native Applications.

  • Manage remediation of any findings from internal or external assessments.

  • Assist in utility and script development to improve automation

  • Integrate and support security tools (e.g., DAST, SAST, SCA, etc.) in the delivery pipeline and the S-SDLC process.

  • Monitor and Maintain Application Security training and related awareness campaigns: Champion the Security & Privacy Awareness Program for Application Development

  • Support our compliance programs (such as PCI) by helping implement and document controls, examining evidence for compliance to standards and perform recurring pen-tests of applications in scope. 

Knowledge, Skills and Abilities:

Required:

  • Ability to work in a fast paced, rapidly changing environment and a strong desire to learn

  • Strong knowledge of OWASP Top 10 (2013 and/or 2017 Version) vulnerabilities and mitigation strategies

  • Familiarity with Linux/Unix

  • Familiarity with DevOps CI/CD pipelines and software (eg. Jenkins)

  • Conceptual knowledge of software design patterns (eg. MVC)

  • A working knowledge of application security practices and concepts including intrusion detection/ prevention, authentication, authorization and access controls, risk analysis, vulnerability mitigations, code integrity, and data encryption

  • Understanding of common protocols and concepts related to application (eg HTTP, REST API, SOAP API, SAML, OAuth)

  • Knowledge of common scripting and application development languages (e.g. C#, Golang, Python, Bash, JavaScript) and/or the ability to learn is required

  • Understanding of PCI-DSS and EU GDPR

  • Knowledge researching, analyzing and recommending information security solutions

  • High degree of accuracy and attention to detail

  • Excellent organization skills and ability to multitask


Experience Requirements:

  • 2+ years experience within application security or software development

  • Experience with various tooling in the Application Security space

  • Some experience in offensive security / penetration testing of applications

  • Some experience in software development

  • Experience identifying, assessing, and remediating technical security vulnerabilities

  • Strong organizational, excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.

Education Requirements: 

  • Bachelor’s Degree or higher in Information Technology, Information Security, Computer Science, or a related field strongly preferred. A demonstrable strong experience may be considered as a replacement for a college degree.

  • Advanced industry certification strongly desired, e.g. SANS GIAC (CEH - Certified Ethical Hacker or GXPN - Exploit Researcher and Advanced Penetration Tester, are preferred), Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), CompTIA Security+, CISSP,...


Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • JavascriptLanguages
    • SqlLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • ReduxLibraries
    • Twitter BootstrapLibraries
    • AngularJSFrameworks
    • ASP.NETFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • SparkFrameworks
    • CassandraDatabases
    • Maria DBDatabases
    • Microsoft SQL ServerDatabases
    • MongoDBDatabases
    • RedisDatabases
    • Google AnalyticsAnalytics
    • OptimizelyAnalytics
    • BalsamiqDesign
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • UXPinDesign
    • AsanaManagement
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • SmartsheetManagement
    • IterableCRM
    • IterableEmail
    • Google AnalyticsLead Gen
    • Google Data StudioLead Gen
    • TableauLead Gen

Location

Pasadena is known for its charm, sophistication and the best night life this side of LA! Tech is in Irvine, one of America's best places to live!

An Insider's view of iHerb

What's something quirky about your company?

“Everyone is really different, nice and cool to be around. People are comfortable to be themselves, which is not common.”

Chris

Software Development Engineer I (SCS)

What's the biggest problem your team is solving?

“Most of the challenges stem from the extreme growth of the company in addition to keeping up with the technological advances in the market. We migrate and change quickly to adapt, which is the fun part because we are continuously learning.”

Alina

Senior Software Development Engineer (SCS)

What makes someone successful on your team?

"A top performer on my team is really exceptional at a few things above and beyond the skills to do their work. Building relationships, adapting to the environment as it changes, and acting with urgency are these key abilities that enable them to achieve rapid growth in their career at iHerb."

Sara

Product Manager

How do you empower your team to be more creative?

"More so than empowering individuals, you have to hire the right people, trust them and let them do what they are good at.”

Al

Director of Software Development & Platform (SCS)

What makes someone successful on your team?

"Collaboration, feedback and creative freedom contribute to our team's success. Collaborating and receiving feedback ensures the content of our projects is accurate and effective. We are also given the freedom to approach our projects however we see fit — this flexibility allows us to create learning materials that are engaging and interesting."

Nina

Curriculum Developer

What are iHerb Perks + Benefits

iHerb Benefits Overview

Perks include snack and beverage stations, on-site gym, video arcade room, sand volleyball court, team happy hour and networking events and more. iHerb is dedicated to providing comprehensive medical, dental and vision plans by contributing up to 80% of the monthly costs associated.

Culture
Volunteer in local community
iHerb is committed to helping great causes here at home and around the world. We partners with organizations like the Boys and Girls Club, Susan G Komen, Ronald McDonald House, Exceed, etc...
Partners with Nonprofits
Worldwide, we’ve donated over $5 million. iHerb facilitates two schools in Cambodia in addition to supporting the Cambodian Children's Fund and New Hope Cambodia in support of children's education.
Friends outside of work
Eat lunch together
Intracompany committees
iHerb's iFit and iFocus teams are dedicated to organizing company events in addition to creating wellness programs and initiatives. The overall health and wellness of our team members is priority!
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Highly diverse management team
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
iHerb Team Members can contribute up to $2700 annually to their FSA.
Disability Insurance
iHerb offers both short and long term disability coverage for its Team Members.
Dental Benefits
iHerb contributes 75% of the monthly costs associated with Cigna DHMO or Cigna DPPO dental plans.
Vision Benefits
Health Insurance Benefits
iHerb contributes up to 80% of the monthly costs associated with Blue Shield's HMO, HMO+, PPO and HDHP health plans.
Life Insurance
iHerb provides all full-time Team Members with a 100% company-paid $50,000.00 Life/AD&D policy. In addition, Team Members have the option to elect additional Life/AD&D coverage plans.
Pet Insurance
Wellness Programs
Onsite Gym
Team workouts
iHerb's team fitness initiatives include in-office yoga and in-office fitness classes.
Retirement & Stock Options Benefits
401(K)
401(K) Matching
iHerb contributes a 100% match up to 4% of the Team Member's election.
Company Equity
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Family Medical Leave
Company sponsored family events
iHerb invites employees and their family members to attend a local minor league baseball game every summer.
Vacation & Time Off Benefits
Generous PTO
iHerb employees receive up to 20 days per year of paid time off based on years of service.
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Company Outings
iHerb hosts company outings throughout the year (varies by location).
Game Room
Our game room includes Ping Pong, Foosball and Video Games.
Stocked Kitchen
Happy Hours
Happy hours are hosted on occasion .
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
iHerb offers employees professional development opportunities like the ability to attend job related conferences and seminars.
Tuition Reimbursement
Our tuition reimbursement plan offers an annual max of $5250 with a maximum total match of $5250.
Lunch and learns
Cross functional training encouraged
Promote from within
Continuing Education stipend
Online course subscriptions available
More Jobs at iHerb23 open jobs
All Jobs
Finance
Design + UX
Dev + Engineer
HR
Marketing
Operations
Product
Project Mgmt
Project Mgmt
new
Orange County
Developer
new
Orange County
Operations
new
Pasadena
Product
new
Orange County
HR
new
Orange County
Developer
new
Orange County
Marketing
new
Pasadena
Marketing
new
Pasadena
Developer
new
Orange County
Developer
new
Orange County
Developer
new
Orange County
Developer
new
Orange County
Finance
new
Orange County
Design + UX
new
Orange County
Project Mgmt
new
Orange County
Developer
new
Orange County
Operations
new
Orange County
Operations
new
Orange County