Senior Engineer, IT Security Application
Newport Beach, California 610 Newport Center Drive, 92660
This position contributes to Chipotle Mexican Grill’s success through the development and execution of Application Security Engineering Program practices. You will maintain application security platforms, provide security guidance and conduct security assessments to ensure the technology within the organization is implemented in accordance with established standards and policies.
WHAT YOU’LL DO
In addition to following Chipotle’s policies and procedures, principal accountabilities include, but are not limited to:
- Evangelize application security program fundamentals, tools, and processes, and act as a consultative partner with IT and Business teams.
- Perform application security assessments and remediation activities as part of the application security program and ensure application teams adhere to the SDL Framework.
- Manage a suite of application security tools for SCA, API Security, and ASPM.
- Guide and perform security activities including application vulnerability testing and analysis, code review, static and dynamic testing.
- Perform application-centric threat modelling based upon the CAPEC framework.
- Ensure teams are validating development practices for mitigating the OWASP Top 10, CWE/SANS Top 25 and performing industry leading application security practices.
- Enable application vulnerability detection mechanisms for applications in production use.
- Make recommendations on toolset and process modifications and improvements and production application security support.
- Contribute to the development and delivery of security training programs for the development community.
- Participate as a key member in security incident response activities.
WHAT YOU’LL BRING TO THE TABLE
- 8+ years of working in an information technology related field with at least 4 years of that time in an application security discipline.
- Strong communication and relationship building skills.
- Skilled at performing security-focused application design reviews, static & manual code reviews.
- Experience using common security testing tools and techniques to perform a variety of security assessments across multiple platforms with significant expertise in either web or mobile penetration testing.
- Experience implementing and operating static and dynamic analysis tools.
- Strong understanding of authentication and authorization options and standards.
- Deeply knowledgeable about security vulnerabilities with the ability to identify them, assess risk, and provide remediation guidance.
- Experience working as a software engineer and knowledgeable about modern web, mobile, and API development practices.
- The ability to read and write code in multiple programming languages.
- Experience with source code repositories, containerized applications and CI/CD practices.
- Knowledgeable regarding incorporating security requirements into an SDLC.
- Functional knowledge of event logging, parsing and orchestration.
- Design and implementation experience in Security solutions.
- SME level participation with ePMO, Architecture, and Senior Leadership activities.
- Development and maturation of application security program through interaction with Security and GRC Leadership.
- Experience in technical writing, and ability to present information at the executive level.
CULTIVATING A BETTER WORLD
Food served fast does not have to be a typical fast-food experience. Chipotle has always done things differently, both in and out of our restaurants. We are changing the face of fast food, starting conversations, and directly supporting efforts to shift the future of farming and food. We hope you will join us as we continue to learn, evolve, and shape what comes next on our mission to make better food accessible to everyone.
Primary Location: California - Newport Beach - 9998 - 610 Newport Office-(09998)