Help empower our global customers to connect to culture through their passions.

Application Security Engineer

About the role:

This hands-on security engineering position will be part of StockX's Information Security Cloud & Application Engineering team, leading efforts to enhance the security of software development practices. Members of this team work with several stakeholders to ensure appropriate processes, procedures, and controls are adequately designed and implemented to meet StockX security requirements, mitigate risks, and ensure compliance. This is a critical IC role on the StockX Information Security team and will work with several stakeholders in Product, Engineering, Operations, Customer Service, Safety & Trust, & IT.

What you’ll do

  • Assist software development architects on secure coding and architecture practices
  • Assist with metric collection and application methodologies for internal information risk management efforts
  • Consult with teams to ensure data is properly handled throughout our environment
  • Collaborate with business, technology, project management, architecture and information security teams to deliver secure solutions that support our business
  • Serve as a liaison between the business and IT for technical security projects
  • Stay current on information security practices
  • Perform qualitative risk assessments on systems and applications
  • Work with information security analysts to ensure visibility and security controls are implemented and maintained
  • Enhance technologies and processes for information security analysts
  • Participation in one or more of the following:
    • Maintaining the organization’s security information tools (AlienVault, Snyk, GitGuardian, ServiceNow, etc)
    • Conducting code reviews and assisting with remediations across multiple apps and services (PHP, React, iOS, Android, NodeJS, etc)
    • Help drive the shift left movement within StockX by implementing tooling within our CI/CD pipelines (DevSecOps)
    • Driving best practices for AWS Cloud Security in greenfield projects, reviewing current practices, and auditing current policies/infrastructure
    • Serving as a liaison between Compliance and Engineering to ensure we are meeting our regulatory requirements

About you

  • 3 years in a technical IT security role
  • GIAC, GSEC, OSCP or other security certifications preferred
  • Experience with web application security, including OWASP Top 10 vulnerabilities
  • Familiarity with SecDevOps and CI/CD best practices
  • Knowledge of cloud security, including AWS
  • Knowledge of container security, including Docker or Kubernetes
  • Excellent communication and interpersonal skills
  • Strong problem-solving skills and attention to detail
  • Willingness to learn and get up to speed quickly.
  • Excellent analytical, organizational, and communication skills. Ability to say No.
  • Experience and ability to mentor senior and junior engineers in the team for best outcomes.

 

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the various pay transparency laws/acts, the base salary range is $120,000 to $145,000 plus opportunities for benefits (e.g., medical, dental), equity and discretionary bonuses. Compensation is dependent on geography and may vary.

About Us

StockX is proud to be a Detroit-based technology leader focused on the large and growing online market for sneakers, apparel, accessories, electronics, collectibles, trading cards, and more. StockX's powerful platform connects buyers and sellers of high-demand consumer goods from around the world using dynamic pricing mechanics. This approach affords access and market visibility powered by real-time data that empowers buyers and sellers to determine and transact based on market value. The StockX platform features hundreds of brands across verticals including Jordan Brand, adidas, Nike, Supreme, BAPE, Off-White, Louis Vuitton, Gucci; collectibles from artists including KAWS and Takashi Murakami; and electronics from industry-leading manufacturers Sony, Microsoft, Nvidia, and Apple. Launched in 2016, StockX employs more than 1,000 people across offices and verification centers around the world.
 
 
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. However, this job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position. StockX reserves the right to amend this job description at any time.

Apply for this Job

* Required

resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)


Demographic Questionnaire

At StockX, Diversity, Equity and Inclusion is not a program or check-the-box initiative, it is what we stand on, it is our footprint. Our culture honors authenticity of every dimension of diversity. We recognize that it is the very things that make our team members unique that adds value to who we are. We have an intentional focus on incorporating equitable practices and fostering  inclusive communities where our teams can bring their best selves, develop into their potential, and reciprocate the respect and appreciation that enables our business to thrive. 

That focus begins  by building a robust, diverse talent pool across every team at StockX.  As part of that focus, we wish to survey our job applicants to better understand their full profiles.  Below is a set of optional demographic questions for you to review.  Your decision to provide demographic information is entirely yours, and completely independent of the recruitment decision-making process. If you do not want to provide us with this information, select the “I don’t wish to answer” option to any or all of the questions. If you do provide responses, those responses will be considered your consent to provide us with this information. 

Responses to the survey will be collected by our recruiting partner Greenhouse Software, Inc. Survey results will be provided to StockX’s talent acquisition team in an anonymized and aggregated report only after the job posting has expired. Your individual responses will not be provided to StockX and will not impact the outcome of your application in any way. Where applicable, the data collected will also help us comply with applicable regulatory requirements. We appreciate you taking the time to do this!

What is your gender? [Which gender best describes you?] (Select all that apply) *





Are you transgender? [Do you describe yourself as transgender?] (Select one) *



What is your sexual orientation? (Select all that apply) *










How do you identify? (race/ethnicity) (Select one) *












If you are based in the US, what is your veteran status? (Select one) *




Do you have a physical or mental disability, impairment, or condition that substantially limits major life activity? (Select one) *





Our system has flagged this application as potentially being associated with bot traffic. Please turn off any VPNs, clear your browser cache and cookies, or try submitting your application in a different browser. If this issue persists, please reach out to our support team via our help center.
Please complete the reCAPTCHA above.