iHerb, LLC

Application Security Lead

full-time

Location Type: Remote

Location: Remote • 🇺🇸 United States

Salary

💰 $176,534 - $264,801 per year

Job Level

Senior

Tech Stack

Cloud, Java, JavaScript, Microservices, .NET, Node.js, Python

About the role

  • Lead cross-functional, enterprise-wide projects and define the strategic direction for cutting-edge security development lifecycle (SDL) practices
  • Conduct security design reviews and sophisticated threat modeling for new and existing mission-critical services
  • Establish secure architecture standards, frameworks, and resilient security patterns
  • Evaluate, prototype, implement, operate, and provide governance over core security tools and services
  • Discover and analyze emerging security threats
  • Maintain a strong knowledge of current security threats
  • Drive security assessment, penetration testing, and bug bounty programs
  • Ensure all application security practices adhere to PCI DSS requirements
  • Participate in security incident response activities as a technical leader

Requirements

  • Demonstrated technical foundation (Computer Science / Engineering degree or equivalent experience)
  • 8+ years of technical security experience at a top-tier software company
  • Hands-on experience with threat modeling, security design, security architecture, cryptography, mobile security, cloud computing technologies, and security products
  • Expert understanding of common application and infrastructure security vulnerabilities and mitigations (OWASP Top 10, CWE 25…)
  • Deep, demonstrable knowledge of the e-commerce transaction lifecycle
  • Proven track record of driving the implementation of SDL processes, technology, and automation in sophisticated DevOps/DevSecOps environments
  • Experience with large-scale web applications and microservices
  • Knowledge of major programming languages and frameworks (e.g. Python, C# .NET, JavaScript, Node.js, Java...)

Benefits

  • Health insurance
  • 401(k) matching
  • Time Off
  • Paid Sick Leave
  • Paid holidays
  • Eligible for Restricted Stock Units and annual bonuses

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
threat modeling, security design, security architecture, cryptography, mobile security, cloud computing, application security, penetration testing, bug bounty programs, DevOps
Soft skills
leadership, cross-functional collaboration, strategic direction, technical leadership
Certifications
Computer Science degree, Engineering degree, PCI DSS compliance