Application Security Developer/Analyst II

Company: Overstock.com
Location: Midvale, Utah, United States
Type: Full-time
Posted: 26.MAY.2021

Summary

The Application Security Developer/Analyst II will be a member of the IT Security team and will work closely with Development, DevOps, CI/CD...

Description

The Application Security Developer/Analyst II will be a member of the IT Security team and will work closely with Development, DevOps, CI/CD, public and private cloud teams to maintain and enhance the security of our mobile, web and server software applications. The Application Security Developer/Analyst II will analyze CI/CD security tool output and triage security findings to ensure that our services, applications, and websites are designed and implemented securely and responsibly. They will also work with senior members of the application and operational security teams to build security automation into development and deployment pipelines and to improve automation of new and existing security toolsets. Job Responsibilities * Validate and triage output and findings from internal SAST, DAST, SCA, and container security scanning tools * Validate and triage output and findings from the OSTK responsible disclosure program and work with external bug bounty engineers to optimize program output * Prioritize web application security findings for remediation with relevant development teams * Work with development teams to identify where vulnerabilities exists in application containers and identify packages that can be successfully updated * Partner with senior application security team members to review current CI/CD tools and practices and determine methods by which deployment processes can improve * Work with the operational IT Security team to build automation into the deployment, maintenance, and tuning of detective and preventative security controls across the environment * Perform other duties as required and assigned by manager and upper management. * Follow legal policies as directed. Job Requirements * 2-5 years of experience in the field or in a related area * Experience validating, triaging, and prioritizing security findings for remediation * Experience developing automation for operational security toolsets * Strong communication skills * Enthusiasm for learning new technologies Skills Experience with any of the following systems/products also a plus: *

  • Application Security Scanning: SAST, DAST, Software Composition Analysis, triage and remediation * Containerization and CI/CD security toolsets * Public Cloud Security: AWS, GCP, Azure, Oracle Cloud * Web Application Security: Web Application Firewalls (WAF), Runtime Application Self-Protection (RASP), Bot Identification and Prevention * Languages: Java, python, node.js and/or other popular languages Education Bachelor's degree preferred Who We Are: Just a few minutes from Salt Lake City and Utah's ski slopes, Overstock is an original resident of "Silicon Slopes", one of the fastest growing technology hubs in the country. We're a passionate group of collaborative problem solvers and creative innovators, working on cutting-edge technology. From building award-winning retail applications (with amazing AR functionality) to creating leading blockchain and machine learning technologies, each of us embodies a unique value and contributes a diverse perspective to the team. What We Offer: * 401k (6% match) * Flexible Schedules * Onsite Health Clinic * Tuition Reimbursement, Leadership Development Program, & Mentorship Program * Onsite Fitness Center with group fitness classes and trainers * Onsite Cafe with additional Coffee Shop and Juice Bar * Onsite Greenhouse, providing fresh fruits & vegetables for our cafe * Overstock Women's Network (OWN) * And More… * Benefits vary based on position, tenure, location, and employee election Physical Requirements: This position requires you to sit, stand and perform general office functions. You may also be required to lift up to 25 pounds occasionally. Bending, stooping and reaching are also frequently required. Equal Employment Opportunity: It is our policy to provide equal employment opportunity for all applicants and associates. This policy includes our commitment to ensure that all employment decisions are made without regard to race, color, religion, gender, national origin, disability, pregnancy, veteran status (including Vietnam era veterans), age, sexual orientation, gender identity, or any other non-job-related characteristic protected by law. Back to Overstock Careers

  •  
    Apply Now

    Share

    Free eBook

    Flash-bkgn
    Loader2 Processing ...