Application Security Engineer

Department: Engineering
Specialization: Developer
Experience: Junior Lead Middle Senior
Technologies: JavaScript TypeScript
Client: Estee Lauder
Special referral bonus: No
Hot position?: Hot
Work model: Remote

About the Client

Estée Lauder Companies Online (ELC Online) is the online division of the Estée Lauder Companies Inc. family of brands. We are a tech company, inside of a cosmetics company. We were early adopters of eCommerce in the 90s and have consistently set the industry standard for prestige beauty e-commerce. We support over 400 websites for household names like Estée Lauder, MAC, Clinique, Origins, Jo Malone and Bobbi Brown. We do so from our own in-house technology teams, supported by some great technology partners.
    With headquarters in the heart of Silicon Alley in Manhattan’s Flatiron District and offices located around the world, United Kingdom, France, China and many more, we connect with our customers anytime, anywhere, from any device. We’re committed to innovation, working with the best tools and technologies available to help our shoppers seamlessly navigate the digital world of beauty. ELC Online is a collaborative work environment that hums with the buzz of 80% female leadership. It’s also home to bold technologists who are shaping the future of beauty.

      About the Role

      The Estée Lauder Companies Online platform powers our Online Commerce, Innovation and Omnichannel initiatives for a portfolio of over 400 sites. We are looking for an engineer for our Global engineering team, which is responsible for the technical functionality of our products, with the focus on the application security.
        We promote the leader-leader model of leadership and an agile way of working so you will have an opportunity to really impact projects. We’re unique in having a Developer Experience team who exist to make sure our developers get the tools and processes they need to get the job done. You remember we said we’re ‘a technology company inside a cosmetics company’, we really mean it.

          Skills you should have

          • Be language agnostic and agile to pick up new languages and skills and deliver new solutions to unexpected problems.
          • Be willing to learn, follow the trends within the technology space and be able to help future proof solutions.
          • Be able to dedicate time for self-investment through training, certifications, and research.
          • Be open-minded and actively ask questions, listen, and adjust your points of view accordingly and respect other people’s opinions.
          • Be able to communicate effectively with different stakeholders.
          • Be able to stay focused on the tasks, prioritize them, and control your time effectively.
          • Be able to work closely with other teams and independently.

            What you will do

            • Implementing software application security controls.
            • Analyzing system services, spotting issues in code, and discovering security exposures.
            • Developing mitigation plans and designing technical solutions to address security weaknesses.
            • Participating in and supporting application security reviews, including code reviews, third-party integration reviews, and dynamic testing.
            • Supporting product and development teams in the area of application security, providing hands-on remediation guidance and direction.
            • Assisting in development of automated security testing to ensure that secure coding best practices are being used.
            • Building and deploying performant and secure code to production following the coding standards and set KPIs.

              Requirements

              • 3 or more years of relevant experience in e-commerce, SaaS or similar.
              • Technical experience in JavaScript/TypeScript and Perl (knowledge of Java is a plus).
              • Technical expertise in secure software development.
              • Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10 and CWE Top 25.
              • Knowledge of common and emerging security threats.

          About AgileEngine

          Founded as a dev tool vendor with a 2-person team

          2010

          Opened a dev center in Ukraine

          2012

          Pivoted into outsourced product development

          2014

          Launched mobile and UI labs

          2015

          Got our first Inc. 5000 award

          2016

          Opened a dev center in Argentina

          2017

          Became a top-3 ranked custom software developer in DC, Ukraine, and Argentina

          2019

          Became the #1 software development company to hire in 2020

          2020

          Opened new dev centers in Mexico and Colombia, counting 500+ experts

          2021

          How we lead

          A company where experts grow, hone their skills, and do what they love, AgileEngine is guided by these principles:

          Stay agile and embrace changes

          Thrive in a results-driven culture with individual autonomy

          Innovate with fellow experts in a no-blame environment

          Learn from mistakes and move on

          Foster mutual trust and support

          Haven’t found the right position?

          We are always in search of awesome experts. Share your CV, and we’ll notify you once we have the right opportunity.

          Subscribe

          Our geography

          UTC-5
          WASHINGTON DC USA
          UTC-5
          MIAMI USA
          UTC-6
          MEXICOMexico
          UTC-5
          ColombiaColombia
          UTC-3
          BrazilBrazil
          UTC-3
          ArgentinaArgentina
          UTC+2
          UkraineEurope
          UTC+1
          PolandEurope
          UTC+0
          PortugalPortugal
          UTC+5:30
          IndiaIndia

          Apply for this position

          Allowed Type(s): .pdf, .doc, .docx