Security Engineer (Application Security)
New York, NY

Job Description

Security Engineer

WW is looking for candidates to help change people's lives. We are a global wellness technology company inspiring millions of people to adopt healthy habits for real life. We do this through engaging digital experiences, face-to-face workshops and sustainable programs that encourage people to move more, shift their mindset and eat healthier while enjoying the foods they love. By drawing on over five decades of experience and expertise in behavioral science, we build communities in order to deliver wellness for all. To learn more about WW and jobs with a purpose, visit ww.com.

Role overview

Our Cybersecurity team is here to protect the data of millions of customers globally. We strive to adopt innovative solutions to problems and apply concepts of attack driven defense to improve our security posture. We design solutions that mitigate risk rather than check boxes.

We are seeking a passionate Application Security Engineer to join our growing Product Security team. This individual will help build security into our software development process and partner with our engineering teams to secure our diverse product ecosystem.

You will guide our product and engineering teams with your security expertise to make more confident product decisions. You'll take ownership of building an application security program that makes the secure decision the easier option.

Key Responsibilities

* Guide product and engineering teams to building secure features through security architecture design reviews and threat modeling
* Evangelize secure coding practices across all engineering teams
* Build security into continuous integration and delivery pipelines
* Use attack driven techniques to defend our applications and systems by discovering weaknesses in our web and mobile application portfolio
* Participate in incident response and vulnerability remediation efforts.
* Manage relationships with external security researchers
* Build a security conscious engineering culture
* Take a leadership role in driving security and privacy initiatives
* Participate in recruiting & training new team members as we build out our Product Security team

Experience required

* Experience integrating security controls into agile software development processes
* Familiarity with containerization and protecting cloud-native architectures
* Minimum of 3 years of experience with any combination of the following: penetration testing, threat modeling, secure software development, application security
* Experience with multiple programming languages (e.g., Scala, Java, Node, C#, Swift)
* Substantial knowledge of web application attacks and defense strategies (e.g., the OWASP Top 10 and CWE Top 25)
* Understand the people aspects of security and enjoy collaborating with others to build secure things
* Contributions to the security community (e.g., research, CVEs, bug bounties, open source projects)

As a company, our purpose is to inspire healthy habits for real life. And as an employer, we inspire the greatest people to do their best work. We provide benefits for real life to help protect your health, finances and overall wellbeing, including:

* Competitive compensation and profit sharing plan
* A 401K plan to help you plan for your future, plus company match
* Health care coverage starting on your first day
* Tuition reimbursement and online courses to help you reach your career aspirations
* Commuter benefits
* Yearly well-being allowance for your physical, financial, social and emotional well-being
* Free WW membership for you plus 3 free WW memberships for your friends and 3 for your family
* Free fruit, snacks and coffee to get you through your day
* Summer Fridays, happy hours, and company outings
* Robust employee referral bonuses
* Developmental opportunities and assignments to grow your career

WW is an equal opportunity employer. WW does not discriminate on the basis of sex, race, color, creed, national origin, marital status, age, religion, sexual orientation, gender identity, gender expression, veteran status, or disability.

Any offer of employment is contingent upon the satisfactory results of reference and background checks.

#LI-TN1