Our mission is to usher in a new era of trust and predictability to transportation and logistics, but there’s still a lot of work to be done. The industry is massive, as is the opportunity. We’re looking for bright, ambitious individuals to join our growing global team and help us enable a more productive and successful world. We’re changing the way the world ships, and we’re looking for you to help us get there!
As a Senior Application Security Engineer, you will report to our Senior Director of Information Security and be responsible partnering with multiple engineering teams to drive security practices and principles in a fast-paced Agile development cycle. This is a hands-on technical position best suited for a professional with developer expertise and a background collaborating with multiple groups (project, business, architecture, and operational teams) across an organization to enable business goals by melding security into solutions.
- Integrate security practices into the software development pipeline
- Conduct regular application security testing to ensure security practices are followed
- Review code and proposed architecture designs for security concerns
- Implement an AppSec Champion Program to scale AppSec’s value while empowering engineering teams to work collaboratively and becoming a federated InfoSec team member
- Provide guidance toward secure technologies and solutions
- Identify areas where processes may be improved, (and when possible, implement improvements and fixing known application security issues)
- Support installations of security tooling (SAST, DAST, etc.)
- Provide secure application development training for ongoing awareness
- Respond to and investigate application security incidents
Desired Skills and Experience
- 2+ years of software engineering experience and 2+ years of information security experience (can be combined)
- Self-sufficient – able to drive a project towards a goal with minimal input and identify security issues independently. Able to handle multiple complex, long-term projects simultaneously
- Strong understanding of web application security vulnerabilities, concepts, and frameworks (such as the OWASP top 10, BSIMM) with the ability to articulate concepts to technical and non-technical staff verbally and in writing
- Experience working with Identity and Access Management services, Single Sign On (SSO) frameworks, mechanisms such as OAuth and SAML
- Familiar with Java, Node.js, Python and Spring
- Experience integrating and tuning security for microservices in a cloud infrastructure
- Experience with attacks and mitigation methods, with experience coordinating and executing Penetration Tests, Bug Bounty Programs, Threat Modeling, and Static/Dynamic Analysis
- Passionate and excited about security topics and engineering
Diversity & Inclusion
We're designing the future of how the world moves and is connected through trade and global supply chains. We can only deliver a truly world-class product and experience if our teams are as diverse and unique communities we are building for. So it's up to us to create a company where anyone can bring their authentic self to work everyday. We're constantly working to improve, and we accept our responsibility to elevate the voices left in the margins. It's on every one of us.
Our focus on inclusion manifests in the way we hire, the customers we serve, and the regions we prioritize. We're building a company that every one of us at project44 is proud to work for: a company that celebrates you for being you.
We pride ourselves on celebrating everyone — project44 is an equal opportunity employer actively working on creating a diverse and inclusive work environment where underrepresented groups can thrive. If you share our values and our passion for helping the way the world moves, we’d love to review your application!
For any needed accommodations during the hiring process, please email email@example.com. Even if you don’t meet 100% of the above qualifications, you should still seriously consider applying. Studies show that you can still be considered for a role if you meet just 50% of the role’s requirements.
Since 2014, project44 has been transforming the way one of the largest, most important global industries does business. As transportation and logistics continues to evolve and customer expectations around delivery become more demanding, industry technology must rise to the occasion. In just a few short years, we’ve created a digital infrastructure that eliminates the inefficiencies caused by dated technology and manual processes. Our Advanced Visibility Platform is used by the world’s leading brands to track shipments, collaborate with supply chain partners, drive operational efficiencies, and create outstanding customer experiences.