Application Security Engineer - Multiple Positions

Meijer Inc. | Grand Rapids, MI

Applying to this job will open a new window on the employer's web site to apply there.

Posted Date 11/01/2019
Description Meijer is looking for multiple Application Security Engineers to embed within the solution development practices of Retail, Pharmacy, and Digital. The IT Application Security Engineer is considered an application security subject matter expert and is adept at blending industry best practices in application development and secured coding practices. In addition to application security, the Application Security Engineers will be called on to run other security engineering efforts across the entire scope of the information security environment. The position assists solution development teams in designing, creating, and implementing secure solutions. Specific experience and subject matter expertise with Payment/PCI (Retail), PHI/HIPAA (Pharmacy) and PII/GDPR (Digital/Retail) subjects is highly preferred.


What You'll be Doing:

  • Defines, communicates, and monitors compliance of SDLC security checks and balances that are to be followed at each step of development and delivery processes
  • Defines, communicates, coordinates delivery of, and at times presents secured coding training content to development team members and leadership
  • Develops and provides presentations as necessary for IT team members, project and program leaders, IT leadership, business customers and leadership and senior/executive-level leadership on application security topics
  • Performs regular assessments of applications in conjunction with the Risk Evaluation group
  • Performs and lead others in secured coding reviews of sensitive applications/solutions
  • Ensures third party products properly address security (privacy requirements, etc.)
  • Ensures latest security controls exist on legacy applications
  • Provides application security-focused technical consulting on business projects or system issues
  • Manages outsourced development activities focused on ensuring application security principles are applied appropriately
  • Provide information to IT, business, project, program, and portfolio leaders to enable sound business decisions
  • Assists with the development of key business relationships and integration activities with other ITS departments, business areas, and/or vendors to ensure successful implementation and support of project, program and portfolio efforts
  • Utilizes knowledge of industry best practices for project and portfolio management, budget, and/or IT resource management to recommend and implement necessary changes
  • Relies on extensive experience and judgment to plan and accomplish objectives
  • Anticipates and creates/recommends technical options to support IT operations
  • Provides leadership within team and across IT organization
  • Leads and directs the work of others across IT organization on application security focused objectives
  • Ensures quality assurance standards and strategies are applied
  • Consults with, mentors, and coaches IT and business team members and leadership, project and program managers and vendors on secured coding principles and guidelines, concepts, processes and tools
  • Provides project management, portfolio, budget, and/or IT resource management standards communication to ITS team members, business customers, senior leadership and/or vendors
  • This job profile is not meant to be all inclusive of the responsibilities of this position – may perform other duties as assigned or required.

What You Bring with You (Qualifications):

  • Bachelor’s degree in Computer Science, Computer Information Systems, Information Assurance, Information Security, Engineering, or related discipline or equivalent work experience and technical training is required.
  • 5+ years of experience in application development, secured coding, infrastructure, and/or information security
  • CISSP or SANS/GIAC certification preferred
  • Scaled Agile Framework (SAFe), Agile/Scrum, Lean and/or Six Sigma certification preferred
  • Extensive experience with and knowledge of Microsoft Visual Studio technology suite, Microsoft SQL Server, Microsoft Office Suite applications
  • Microsoft Azure development experience preferred
  • Strong technical knowledge of authentication and authorization concepts and technologies such as OAuth, SAML, MFA and others.
  • Has extensive experience working and coordinating multiple simultaneous projects and programs, including those that are outsourced (vendors, consultants and/or contractors) and cross-functional
  • Previous technical lead experience preferred
  • Experience with structured design, development, and implementation of new and established computing architectures
  • Strong technical knowledge, with hands-on experience managing systems development in new and established computing architectures and environments
  • Knowledge of relevant technology, tools, databases, and development techniques is critical
  • Excellent written and verbal communication skills
  • Excellent project management, organization, and team collaboration skills
  • Excellent facilitation, collaboration, negotiation, and presentation skills
  • Ability to anticipate risks and devise solutions in the moment
  • Comfortable with ambiguity, frequent change, or unpredictability
  • Possesses good follow-through, administrative and organizational skills, able to multi-task, and has strong interpretation skills for the review of reports and data from all areas of the company
  • Able to work cross-functionally across ITS and business areas, and with all levels of Meijer team members, project leads, management and vendor partners

Adaptive and responsive to change, challenges, and business culture



Share this job