Help shape the next generation of ecommerce for the next generation of consumer.
Technology at StockX
Our Technology Team is on a mission to build the next-generation e-commerce platform for the next generation of customer. We build outstanding, and innovative experiences and products that give our users access to the world’s most coveted products and unlock economic opportunities by turning reselling into a business for anyone. Our team uses groundbreaking technologies that handle substantial scale globally. We were an internet-native, cloud-native company from day 1 - you won’t find legacy technology here. If you’re a curious leader who loves solving problems, wearing multiple hats, while learning new things, join us!
About the role
The Application Security Engineer helps interpret and communicate risk. They build solutions that keep our clients and company safe and secure. In this role, you communicate regularly with IT teams to ensure the right controls are implemented and play a meaningful role in helping StockX to build innovative experiences and products.
What you'll do
- Assist software development architects on secure coding and architecture practices
- Assist with metric collection and application methodologies for internal information risk management efforts
- Ensure data is properly handled throughout our environment
- Collaborate with business, technology, project management, architecture, and information security teams to deliver secure solutions that support our business
- Serve as an intermediary between business and IT for technical security projects
- Know the latest on information security practices
- Perform qualitative risk assessments on systems and applications
- Ensure transparency while Implementing and maintaining security controls
- Improve technologies and processes for information security analysts
- Participation in one or more of the following:
- Maintaining organization’s security information tools (AlienVault, Snyk, GitGuardian, ServiceNow, etc)
- Conducting code reviews and assisting with remediations across multiple apps and services (PHP, React, iOS, Android, NodeJS, etc)
- Help drive the shift-left movement within StockX by implementing tooling within our CI/CD pipelines (DevSecOps)
- Driving standard methodologies for AWS Cloud Security in greenfield projects, reviewing current practices, and auditing current policies/infrastructure
- Serving as a liaison between Compliance and Engineering to ensure we are meeting our regulatory requirements
- Minimum of 3 years working in application security
- Knowledgeable on OWASP
- Understanding of IT constructs, including servers, networking, operating systems, development, storage, and cloud technologies
- Understanding of information security constructs such as encryption, identity, and access, risk analysis, threat hunting, vulnerability management, DLP, IDS/IPS, governance, exploitations, and threat landscapes
- GIAC, GSEC, OSCP, or other security certifications
Our global platform offers unprecedented access to current culture while our data-driven, bid-ask model provides buyers with the real-time visibility to know they’re getting a fair price. And, unlike other ecommerce sites, StockX hand-checks every purchase (20,000+ daily trades) at one of our regional authentication centers.
StockX’s special formula has rocketed the company to a multibillion dollar valuation, with 10M+ lifetime trades on the platform—more than half of those coming in the last year. And we’re just getting started.