Costco IT · 1 day ago
Quality Engineer - Application Security - Costco Travel
Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world. They are seeking a Quality Engineer specializing in Application Security to ensure the security of applications and services, perform vulnerability assessments, and mentor team members in security best practices.
Information Technology & Services
Responsibilities
Serves as a subject matter expert for application security, vulnerability management, and vulnerability scanning
Supports and consults with product and development teams in the area of application security
Assesses applications for vulnerabilities in web UIs and APIs
Provides manual application secure code reviews
Works analytically to solve both tactical and strategic problems within the vulnerability management program
Identifies attack surface reduction opportunities through vulnerability data analysis from enterprise custom and COTS applications
Collaborates and communicates with Compliance, External auditors, and Business teams
Understands compliance requirements that may impact security, and effectively collaborates with business areas and project teams to develop security solutions that address requirements
Advocates for compliance and security measures, both internally and externally, to protect corporate applications and environments
Maintains current knowledge of industry trends and standards; proactively pursues professional growth in the areas of technology, business knowledge, and Costco policies and platforms
Regular and reliable workplace attendance at your assigned location
Qualification
Required
4+ years' experience in security in an enterprise environment
2+ years' experience with software development with Java or any other Object-Oriented Language
Knowledgeable in remediation activities at the code or script level, including fixing vulnerabilities or defects
Demonstrated experience with Java programming, development practices, and common bug patterns
Familiar with application vulnerability/security frameworks and standards such as OWASP Top 10, SANS Top 20, CVE, CWE, CVSS, etc
Experience with vulnerability management processes including scanning, reporting, and remediation planning
Understanding of software development lifecycle and integrating application security into a CI/CD pipeline
Experience with revision control systems and the agile process using ADO, Git, or similar agile code system functions (Pull, Fetch, Push, Sync)
Strong verbal and written communication skills
Ability to clearly communicate Information Security matters to Executives, Auditors, End-Users, Analysts, Peers, and Engineers, using appropriate language, examples, and tone
Experience identifying and validating security requirements for software
Experience working with software development teams
Realistic outlook that understands security problems as a balance of both security and business needs
Demonstrated logical and structured approach to time management and task prioritization in support of team work goals
Strong analytical skills, documentation skills, and awareness of change management; ability to adapt to changing priorities
Strong collaborative mindset and able to function as a contributing member of the team
Ability to handle highly confidential information in a strictly professional manner
Preferred
2+ years' experience working with DevOps engineers in an enterprise environment
Experience with one or more scripting or development languages
Experience coding, implementing custom software solutions, and supporting them in production environments
General cloud knowledge
Familiarity with agile continuous improvement methodologies
Experience developing and reporting enterprise level metrics
Proficient in Microsoft Workspace applications, including Outlook, Word, Excel, PowerPoint, and Teams
Benefits
Paid time off
Health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance
Health care reimbursement account
Dependent care assistance plan
Short-term disability and long-term disability insurance
AD&D insurance
Life insurance
401(k)
Stock purchase plan for eligible employees
Company
Costco IT
Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in twelve countries.
Funding
Current Stage
Late Stage