Application Security Engineer

Job description

Job Summary: The Application Security Engineer will help with our Secure Development Lifecycle assurance processes, our security automation technologies, drive the security hardening strategy across our product and respond to current and emerging security threats. This role will contribute tremendously to our Product Security team working with development teams globally to define new security capabilities, and partnering with leaders across the organization to deliver company-wide security initiatives. Job Expectations: Drive cross-functional projects and establish cutting-edge security development lifecycle practices Lead security design reviews and threat modeling for new and existing services at iHerb Evaluate, prototype, implement, and operate security-focused tools and services Develop new secure architecture standards, frameworks and patterns spanning multiple layers Understand and analyze emerging security threats, determining applicability to iHerb and proactively implement centralized mitigations Evaluate, prototype, implement, and operate security tools and services (DAST, SAST, SCA...) Maintain a strong knowledge of current security threats and operational best practices...