Impact

As an Engineer on our Application Security team, you will be instrumental in driving secure practices across the company. You’ll be responsible for security engineering practices across our engineering organization and build software systems to make secure development easier. In this role, you will design, implement, and scale security controls and processes that protect users, empower developers, and ensure the safety of our applications, and protect user data. As an Engineer, you are expected to operate at a high level of technical proficiency, and influence security culture at all levels of the company.

If you are enthusiastic about cybersecurity, enjoy sharing your knowledge, and thrive on personal and professional growth, you're exactly the kind of engineer we're looking for. Our Cybersecurity team is growing, and we're looking for talented individuals who can work both independently and collaboratively, with a passion for mentoring and developing their colleagues. You will gain valuable experience collaborating with a cross-disciplinary team, contributing to the protection of customers and shoppers nationwide.

What You’ll Need to Be Successful

• Experience with Python and Golang
• You have an understanding of basic authentication and authorization concepts and protocols.
• You have experience with common operating systems such as Windows, macOS, and Linux.
• You possess an understanding and working knowledge of the modern cyber threat landscape.
• You have experience with source version control systems, such as Git.
• Professional work experience with cloud platforms such as AWS, GCP, or Azure
• You have experience with Infrastructure as Code tools, such as Terraform
• You have participated and partnered with engineers across the organization in security assessments including code reviews, threat modeling, and testing ie SAST, DAST, & PEN
• You have experience consulting with product teams on secure coding best practices and develop enterprise wide training material

Nice to Haves:

• You have a CISSP, OSWE, CSSLP, GWAPT, GWEB, OSCP, CompTIA Security+ certification
• You have proficiency in Terraform
• You have familiarity with open-source software and dependency management
• You have experience managing, configuring and troubleshooting CDN & WAF technologies

Work Arrangement

The company considers candidates located near an office or workspace in Birmingham, San Francisco, or Minneapolis to be hybrid, which means that they have the flexibility to work from home (with leader approval) or at an office in order to facilitate the ability to innovate, collaborate, and spark team connections. In-office expectations will vary by role and leader. Certain roles may require in-office presence on a full-time basis. Please work with your recruiter to learn more about the classification of this role.

Pay Range

Metro Areas of Boston, District of Columbia, Los Angeles, San Francisco, Seattle and New York City:

$75,900-$151,700

All other locations:

$63,100-$126,300

Please note that the salary range above is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location.