Application Security Engineer

Department: Engineering
Specialization: Developer
Experience: Junior Lead Middle Senior
Technologies: JavaScript TypeScript
Client: Estee Lauder
Special referral bonus: No
Hot position?: Hot
Work model: Remote

About the Client

Estée Lauder Companies Online (ELC Online) is the online division of the Estée Lauder Companies Inc. family of brands. We are a tech company, inside of a cosmetics company. We were early adopters of eCommerce in the 90s and have consistently set the industry standard for prestige beauty e-commerce. We support over 400 websites for household names like Estée Lauder, MAC, Clinique, Origins, Jo Malone and Bobbi Brown. We do so from our own in-house technology teams, supported by some great technology partners.
    With headquarters in the heart of Silicon Alley in Manhattan’s Flatiron District and offices located around the world, United Kingdom, France, China and many more, we connect with our customers anytime, anywhere, from any device. We’re committed to innovation, working with the best tools and technologies available to help our shoppers seamlessly navigate the digital world of beauty. ELC Online is a collaborative work environment that hums with the buzz of 80% female leadership. It’s also home to bold technologists who are shaping the future of beauty.

      About the Role

      The Estée Lauder Companies Online platform powers our Online Commerce, Innovation and Omnichannel initiatives for a portfolio of over 400 sites. We are looking for an engineer for our Global engineering team, which is responsible for the technical functionality of our products, with the focus on the application security.
        We promote the leader-leader model of leadership and an agile way of working so you will have an opportunity to really impact projects. We’re unique in having a Developer Experience team who exist to make sure our developers get the tools and processes they need to get the job done. You remember we said we’re ‘a technology company inside a cosmetics company’, we really mean it.

          Skills you should have

          • Be language agnostic and agile to pick up new languages and skills and deliver new solutions to unexpected problems.
          • Be willing to learn, follow the trends within the technology space and be able to help future proof solutions.
          • Be able to dedicate time for self-investment through training, certifications, and research.
          • Be open-minded and actively ask questions, listen, and adjust your points of view accordingly and respect other people’s opinions.
          • Be able to communicate effectively with different stakeholders.
          • Be able to stay focused on the tasks, prioritize them, and control your time effectively.
          • Be able to work closely with other teams and independently.

            What you will do

            • Implementing software application security controls.
            • Analyzing system services, spotting issues in code, and discovering security exposures.
            • Developing mitigation plans and designing technical solutions to address security weaknesses.
            • Participating in and supporting application security reviews, including code reviews, third-party integration reviews, and dynamic testing.
            • Supporting product and development teams in the area of application security, providing hands-on remediation guidance and direction.
            • Assisting in development of automated security testing to ensure that secure coding best practices are being used.
            • Building and deploying performant and secure code to production following the coding standards and set KPIs.


              • 3 or more years of relevant experience in e-commerce, SaaS or similar.
              • Technical experience in JavaScript/TypeScript and Perl (knowledge of Java is a plus).
              • Technical expertise in secure software development.
              • Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10 and CWE Top 25.
              • Knowledge of common and emerging security threats.

          About AgileEngine

          Founded as a dev tool vendor with a 2-person team


          Opened a dev center in Ukraine


          Pivoted into outsourced product development


          Launched mobile and UI labs


          Got our first Inc. 5000 award


          Opened a dev center in Argentina


          Became a top-3 ranked custom software developer in DC, Ukraine, and Argentina


          Became the #1 software development company to hire in 2020


          Opened new dev centers in Mexico and Colombia, counting 500+ experts


          How we lead

          A company where experts grow, hone their skills, and do what they love, AgileEngine is guided by these principles:

          Stay agile and embrace changes

          Thrive in a results-driven culture with individual autonomy

          Innovate with fellow experts in a no-blame environment

          Learn from mistakes and move on

          Foster mutual trust and support

          Haven’t found the right position?

          We are always in search of awesome experts. Share your CV, and we’ll notify you once we have the right opportunity.


          Our geography

          MIAMI USA

          Apply for this position

          Allowed Type(s): .pdf, .doc, .docx