Junior Application Security Engineer

DescriptionThe Junior Application Security Engineer plays a critical role in completing our mission every day by ensuring that Pampered Chef maintains and deploys new software/systems in a secure manner to reduce information security risks. The Junior Application Security Engineer acts as the evangelist for cybersecurity throughout Information Technology, consulting with the application development and infrastructure teams on secure systems and applications design.What You'll DoSecure Development – Build strong relationships across product management and software engineering teams. Drive adoption of secure software development lifecycle practices across the areas of secure architecture and design, secure coding, security testing, and secure software release management.Vulnerability Management – Analyze scan results, prioritize findings, and collaborate with software engineering teams to remediate security flaws.Penetration Testing – Knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development.Infrastructure Security – Works closely with the Infrastructure and Application Development teams to ensure proper configurations are implemented and tested on WAF, FW, IDS/IPS and platform.Incident & Cyber Threat Management – Works with the appropriate teams to ensure all appropriate data is aggregated into the logging and monitoring tool and that the appropriate reports are produced and reviewed.Security Review – Be a liaison to perform security reviews for architecture changes across the technology stacks. Identify risks and collaborate with stakeholders to remediate risks to meet the requirements set in place by the security team.Incident Response – Perform investigative tasks in response to alerts. Look for indicators of compromise, preserve data and collaborate with members of the security team throughout the incident response process.What Success Looks LikeDelivery on information security roadmap and projectsNumber of vulnerabilities and issues validated and remediatedOperating and maturing a secure SDLC programWhat We're Looking ForBachelor's in Computer Science or Information Security1 to 3 years of experience in technology and development, with a specialty in security in a complex environment, focusing on protecting intellectual property and sensitive data.Direct experience with at least one CI/CD platformDirect experience with application testing (e.g., SAST, DAST, IAST)Direct experience in application vulnerability management processesWorking knowledge of current software development methodologiesWorking knowledge of OWASP Top 10 and CWE 25Working knowledge of programming languages and scriptingWorking knowledge of software design lifecycleWorking knowledge of web and app security stack (e.g., API security)Working knowledge of cloud security concepts and technologiesWorking knowledge of authentication and authorization flows in web applicationsPenetration Testing (Network layer, application layer)Basic understanding of threat modelingBasic understanding of network security (e.g, WAF, Micro-segmentation). Demonstrate the ability to articulate complex technical scenarios to a non-technical audience clearlyCompensation, benefits, and logisticsThe anticipated salary range for this position starts at $55,000 annually, depending on experience and qualifications. This role is eligible for a performance-based bonus based on individual and company performance.Medical, dental, and vision insuranceCompany-paid life insurance with additional voluntary coverage optionsDisability insuranceAdditional voluntary benefits401k matchFlex PTOPaid Parental Leave30%+ discount on Pampered Chef Products and product giveawaysPampered Chef follows a hybrid schedule in Addison, IL. The expectation is that employees be in the office on Tuesday, Wednesday, and Thursday each week.#J-18808-Ljbffr