132 applicants

Company

Original Job Post

StockX · 2 days ago

Application Security Engineer

United States

Full-time

Remote

Mid Level

$120K/yr - $145K/yr

3+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

E-CommerceE-Commerce Platforms

H1B Sponsorship

Hiring Manager

💎 Sam Himmelspach

Insider Connection @StockX

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Assist software development architects on secure coding and architecture practices

Assist with metric collection and application methodologies for internal information risk management efforts

Consult with teams to ensure data is properly handled throughout our environment

Collaborate with business, technology, project management, architecture, and information security teams to deliver secure solutions that support the business

Serve as a liaison between the business and IT for technical security projects

Stay current on information security practices

Perform qualitative risk assessments on systems and applications

Work with information security analysts to ensure visibility and security controls are implemented and maintained

Enhance technologies and processes for information security analysts

Maintaining the organization’s security information tools (AlienVault, Snyk, GitGuardian, ServiceNow, etc)

Conducting code reviews and assisting with remediations across multiple apps and services (PHP, React, iOS, Android, NodeJS, etc)

Help drive the shift left movement within StockX by implementing tooling within our CI/CD pipelines (DevSecOps)

Driving best practices for AWS Cloud Security in greenfield projects, reviewing current practices, and auditing current policies/infrastructure

Serving as a liaison between Compliance and Engineering to ensure meeting regulatory requirements

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

3 years IT securityWeb application securityOWASP Top 10SecDevOpsCI/CD best practicesCloud securityAWSContainer securityDockerKubernetes communication problem-solvingAttention to detailWillingness to learn analyticalOrganizational skills say noGIACGSECOSCPSecurity Certifications

Required

3 years in a technical IT security role

Experience with web application security, including OWASP Top 10 vulnerabilities

Familiarity with SecDevOps and CI/CD best practices

Knowledge of cloud security, including AWS

Knowledge of container security, including Docker or Kubernetes

Excellent communication and interpersonal skills

Strong problem-solving skills and attention to detail

Willingness to learn and get up to speed quickly

Excellent analytical, organizational, and communication skills. Ability to say No

Experience and ability to mentor senior and junior engineers in the team for best outcomes

Preferred

GIAC, GSEC, OSCP or other security certifications

Benefits

Medical

Dental

Equity

Discretionary bonuses

Company

StockX

Glassdoor

3.4

StockX is an online marketplace to buy and sell limited edition and high demand sneakers.

Founded in 2015

Detroit, Michigan, USA

1,001-5,000 employees

https://stockx.com/

H1B Sponsorship

StockX has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (2)

2022 (13)

2021 (27)

2020 (9)