Director, Application Security Engineering
Hoboken, NJ

Job Description

About Us

Our mission is to become the smartest way to shop and save on pretty much anything. Combining a revolutionary pricing engine, a world-class technology and fulfillment platform, and incredible customer service, we've set out to create a new kind of e-commerce.  We're passionate about empowering people to live and work brilliant.

You will be responsible for preparation, execution and remediation programs of the application security aspects for our company.

About Our Internal Engine

We're building a new kind of company, and we're building it from the inside out, which means that investing in hiring, developing, and retaining the brightest minds in the world is a top priority. Everything we do is grounded in three simple values:  trust, transparency, and fairness.  From our business model to our culture, we live our values to the extreme, whether we're dealing with employees, retail partners, or consumers.  We believe that happiness is the highest level of success and we want every person that crosses paths with our company to achieve it.  If you're an ambitious, smart, natural collaborator who likes taking risks, influencing, and innovating in a challenging hyper-growth environment, we'd love to talk to you about joining our team.

About the Job

The Application Security Director will be responsible for demonstrating our dedication to the security and privacy of our customer's data by leading programs that ensure that we continue to develop secure software, all while continuing to create innovate solutions that provide meaningful savings to our customers.

About the Role

* Lead the application security team responsible for an enterprise application security program
* Direct the maturity of an enterprise application security program
* Direct the development and maintenance of application security standards and guidelines
* Direct the integration of secure development standards, tools, and processes into the development lifecycle
* Direct the development and implementation of a threat modeling framework
* Direct the development and implementation of secure frameworks and libraries
* Oversee the identification and implementation of security tools to support an enterprise application security program
* Support development design reviews and other InfoSec processes as application security expertise is required
* Direct and manage regular application security testing
* Provide subject matter expertise for maturing of an enterprise secure code training program for developers and other relevant stakeholders
* Produce relevant application security metrics that demonstrate a continually improving application security posture
* The Director will be a hands-on technical leader - she/he will lead the application security engineering team that develops and supports application security services consumed by product teams in a global environment
* This position requires a high-level of technical expertise, a deep understanding of modern development, languages and cloud platforms, a proven track record for driving product security initiatives and experience delivering software security at scale
* The Director will lead application security innovation, and provide technical direction to product teams for securing applications and development processes
* The Director will utilize her/his technical expertise to deliver the next generation of software-defined security services and tools while integrating into product development processes

About You

* Bachelor's degree in Information Technology, Computer Science, Engineering or equivalent work experience
* 8-10+ years of experience with application security functions with at least 5 years' experience supervising and leading application security professionals
* Proven experience maturing an application security program including identifying, hiring and growing strong talent
* Proven subject matter expert in application security
* Solid, well-rounded understanding of InfoSec practices and programs
* Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences

Andiamo is an Equal Opportunity Employer

Andiamo provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Andiamo complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

All qualified candidates are encouraged to apply by submitting their resume as an MS word document including a cover letter with a summary of relevant qualifications, highlighting clearly any special or relevant experience.