Skip to Main Content

Application Security Engineer

Scentsy Meridian, ID

  • Expired: August 25, 2021. Applications are no longer accepted.

Application Security Engineer

Meridian, ID ( Information Technology


Scentsy is looking for anApplication Security Engineerto identify and assist with the remediation of security issues within Scentsy software products and services. The ASE will serve as the primary security contact for development teams and promote secure development practices within all phases of the Software Development Lifecycle (SDLC).

What You Would Do:

  • Develop, implement, and improve the Application Security program

  • Conduct regular security assessments of enterprise applications in the form of static code analysis, dynamic application scanning, and penetration testing

  • Conduct code reviews for security flaws on major projects and suggest appropriate fixes

  • Develop mitigation plans and reports around identified vulnerabilities

  • Develop secure coding guidelines

  • Develop and deliver application security training within Scentsy

  • Apply a deep understanding of application security threats and protection mechanisms to enterprise development projects and solutions

  • Provide security consulting and advice to enterprise development teams

  • Conduct threat modeling on new projects and initiatives

  • Serve as the primary consultant for product security

  • Develop programs, scripts, or solutions to improve Cybersecurity operations

  • Conduct security reviews of 3rd party software solutions, products, and vendors

  • Implement solutions based on industry best practices

  • Validate, address, and document responses to security findings from third-party penetration testing engagements

  • Champion and evangelize security throughout the company

  • Champion the growth of Secure Software Development Lifecycle (SSDLC)

  • Recommend security enhancements, purchases, and process improvements

  • Mentor less experienced team members

  • Perform all other assigned tasks and requirements as needed.

You Should Have:

  • 3 years of application Security experience or Enterprise Software Development

  • Experience with one or more general-purpose programming languages including but not limited to: Java, C/C++, C#, Objective C, Python, JavaScript, or Go

  • Experience in Application Security, Cryptography, Network Security, Systems Security, or Malware Analysis

  • Bachelors degree in Computer Science, Computer Engineering, or related area of study, or equivalent experience

  • Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT) certifications preferred

Things You Should Know & Be Able to Do:

  • Familiar with the Open Web Application Security Project (OWASP) Top Ten

  • Ability to work with multiple technology platforms and application stacks

  • Knowledge of security audit processes

  • Ability to communicate effectively to a variety of technical and non-technical audiences

  • Strong peer mentoring skills

  • Results orientated, business-focused, and successful interfacing across multiple organizational units, at various levels

  • Ability to work collaboratively across all Information Technology teams

  • Ability to work accurately, efficiently, and independently on detailed orientated tasks

  • Ability to prioritize and direct others work

  • Excellent written and oral communication skills

  • Ability to think critically, troubleshoot and solve complex problems, and make decisions quickly and independently that impact the company

  • Strong organizational, analytical, and interpersonal skills

  • Working knowledge of computers and all applicable software including 3rd party Information security solutions

  • Ability to develop, oversee, and manage large programs from implementation through to completion



Meridian, ID
83680 USA



View all jobs at Scentsy