ScottsdaleRecruiter Since 2001
the smart solution for Scottsdale jobs

Application Security Engineer II

Company: arrivia
Location: Scottsdale
Posted on: January 12, 2022

Job Description:

Do you want to help transform the travel loyalty experience for millions of travelers around the world? Do you want to work in a growing technology team that is building a high performance, scalable, and personalized travel platform? Our goal is to build and be the best travel content and fulfillment platform for our members.As an Application Security Engineer You will help us enhance arrivia's corporate and product security posture by hardening our system boundaries and help to keep us a few steps ahead of the bad guys. You will select, build, and advanced tooling to enable our workforce and services to operate in an efficient and secure manner. You will be the advocate of these best practices to foster a culture of security, mentor and train less experienced information security staff, and act as a force-multiplier within the organization.What you'll do:

  • Audit and support Application Services project delivery teams to ensure they are leveraging best practices and building an appropriate level of security into customer software.
  • Assess and test software and systems for potential vulnerabilities and communicate findings to teams and customers.
  • Build threat models and control catalogs for software teams; stay current on emerging threats.
  • Support enterprise security goals including PCI compliance and other privacy requirements.
  • Develop test plans, automation, and processes to validate that application security controls and features are correct and complete; audit controls and identify areas for improvement.
  • Select, deploy, and configure tools for security testing of applications and systems.
  • Capture and communicate security metrics for environments, systems, and applications.
  • Compiles, maintains, and documents a collection of software that can trace the source of and otherwise investigate attacks on arrivia systems
  • Acts as a technical resource on information security incident investigations and forensic technical analyses.
  • Act as technical liaison between Information Security and application development teams, including guiding teams towards strong application security practices and remediating known risks
  • Develop and support integration and automation within security, monitoring, reporting, and ticketing platforms
  • Review and analyze existing processes and suggest improvements for increased security and efficiency
  • Serves as an active member of the incident response team and participates in security incident response efforts by, among other things, having an in-depth knowledge of arrivia's security systems, common security exploits, vulnerabilities, and countermeasuresWho you are:
    • Bachelor's degree in Computer Science, Cybersecurity or a related field, or minimum of 5 years' experience in a related role or field.
    • Strong technical background and understanding of systems architecture and infrastructure, information security, and automation tools e.g., Terraform, Chef, Puppet, Ansible, Maven.
    • Strong understanding of Agile SDLC and DevSecOps concepts and practices.
    • Familiarity with web application frameworks, API technologies, and micro services.
    • Experience in one or more Object-Oriented programming language.
    • Experience in one or more vulnerability management platforms e.g., Tenable Security Center or Qualys.
    • Experience in one or more scripting languages (bash, python, power shell, etc.).
    • Experience applying security standards/guidelines (such as OWASP, CIS, etc.)
    • Strong understanding of Linux and Windows administration.
    • Strong understanding of Azure and Amazon Web Services
    • Strong understanding of fundamental TCP/IP and related network services (e.g. DNS, NTP, SNMP, SMTP, etc.) and network security design concepts.
    • Experience in 2 or more application security domains (e.g., Secure Coding, Cryptography, Penetration Testing, Vulnerability Assessment, Static and Dynamic Application Security Testing et.)
    • Integration level knowledge of API Security Architecture, and technologies such as, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust, or XACML.
    • Ability to solve complex problems and communicate risks and technical concepts to both technical and non-technical audiences.
    • Excellent verbal and written communication skills.
    • Ability to context-switch between multiple projects, codebases, and concepts with ease.
    • Certified Application Security Engineer (CASE) or Certified Ethical Hacker (CEH) CertificationWho We Are:Welcome to arrivia. We specialize in making brands better through the power of travel. With more than 55 years of combined experience, we're a merger of three powerhouse brands (in case you've heard of us in the travel industry) combining ICE, SOR Technology and WMPH Vacations. With offices on both coasts of the US and around the world, we embrace diversity and a passion for travel across our global staff.We're focused on building a customer-first culture, fueled by the best travel experiences for all our members at every point in their journey. Grow with us, as we continue our path to deliver innovative solutions and take charge of change. The adventure is only beginning. We're on a mission to help people around the world travel better and experience more. Our team members bring world-class skills to the table to create extraordinary memories for our partners and members.Our Core Values:Here at arrivia we---
      • Stay Curious - Explore new challenges and make space to learn, grow and improve
      • Keep it Real - Earn trust through open, honest and clear communication
      • Own it - Seek ways to make an impact and take action.
      • Win Together - Create a culture of connection and inclusion where everyone can be their bestAdditional Benefits:
        • Exclusive Employee Travel Rates on Cruises, Resorts & Hotels, Tours, Car Rentals
        • Medical Health Insurance
        • Dental & Vision Coverage
        • 401K Plan
        • Long Term Disability & Life Insurance
        • Pet Care Insurance
        • Legal Insurance
        • Flexible Spending Accounts (FSA)
        • Employee Assistance Program
        • Dedicated Employee Enrichment & Recognition Programs
        • Special local, dining and merchandise offerings

Keywords: arrivia, Scottsdale , Application Security Engineer II, Engineering , Scottsdale, Arizona

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Arizona jobs by following @recnetAZ on Twitter!

Scottsdale RSS job feeds