Lead Application Security Engineer - Cyber Security

| Austin
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

H-E-B is one of the largest, independently owned food retailers in the nation operating over 400 stores throughout Texas and Mexico, with annual sales generating over $25 billion. Described by industry experts as a daring innovator and smart competitor, H-E-B has led the way with creative new concepts, outstanding service and a commitment to diversity in our workforce, workplace and marketplace. H-E-B offers a wealth of career opportunities to our 109,000+ Partners (employees), competitive compensation and benefits program and comprehensive training that lead to successful careers.

Our Partners thrive The H-E-B Way. As a Lead Application Security Engineer, you would have a…

HEART FOR PEOPLE… you have a passion for mentorship and guidance, and love for the direct person-to-person interactions that create strong bonds between teams

HEAD FOR BUSINESS… you have an ownership mentality and a consistent track record of timely delivery of high-quality software

PASSION FOR RESULTS… the ability to guide the discussion, remove roadblocks, and provide guardrails for your team as they identify challenges and propose solutions

What you’ll do at HEB: 

As an Application Security Engineer, you will work closely with Product Design, Software Development, Production Operations, and other members of the Security group to maintain and enhance the security of our mobile, web, and server software applications. This work involves several technology stacks and multiple hardware platforms.

  • Designs, integrates, and tests a suite of tools for security management of multi-tenant private and public cloud application services.
  • Developing secure design patterns for cloud architectures developed in public or private cloud environments.
  • Support vendor and partner security assessments.
  • Actively audit the infrastructure and applications for security problems while prioritizing fixes.
  • Build repeatable and testable security infrastructure.
  • Research emerging trends and technologies to assess the threats they may face.
  • Provide security expertise on system, network, encryption, authentication, and governance.
  • Recommends configuration changes to improve the performance, usability, and value of cyber analysis tools.
  • Assists with product studies, performs requirements analysis, and develops software architectures to meet requirements.
  • Creates technical proposals and white papers, writes functional and design specifications.
  • Measure compliance against standards.
  • Identify security vulnerabilities in applications written in C++, C#, and Java for modern versions of Linux and Windows via code reviews and reverse engineering.
  • Identify weaknesses in various network protocols.
  • Offer solutions to discovered vulnerabilities.
  • Develop tools and scripts to aid in reverse engineering and vulnerability discovery.
  • Suggest secure design techniques to management and customers to improve application security posture.
  • Prepare reports on project progress and present results to the customer and management.
  • Contribute to maturing process, policy, and standards guidance.
  • Maintain current knowledge of relevant vulnerabilities and mitigation techniques.
  • Research emerging technologies and maintain awareness of current security risks.
  • Other duties as assigned.

Who You Are

  • Bachelor's degree or 7+ years relevant work experience.
  • 3-5 years of experience (preferred) with security management of cloud based services (SaaS) in a fast-paced Agile environment.
  • At least two certifications in Application Security or Pen testing (CSSLP, GSSP-x, CEH, GPEN, GWAPT, GMOB).
  • Mid to expert level knowledge of AWS, Azure, and Google Cloud Platform.
  • Hands-on experience with security management and issues surrounding virtual machines, containers, and applications.
  • Strong knowledge of build systems, the microservices model, and continuous integration/deployment practices.
  • Familiarity with cloud based security standards and frameworks.
  • Knowledge of SDLC practices.
  • Ability to perform comprehensive code reviews.
  • Proficiency in C++, Java, JavaScript, SQL, or exceptional at another similar coding and scripting languages.
  • Working knowledge of Python 3 or other popular scripting language on the Linux platform.
  • Strong knowledge of public key cryptography, web services SSO strategies, and CVSS scoring.
  • Experience with modern development tools such as Visual Studio 2010+, GCC 4.8+, Git, or Jenkins.
  • Understanding of one or more automated code auditing/vulnerability tools: Checkmarx, IBM AppScan, Veracode, WhiteHat, or Burp.
  • Experience with automation and dev-ops technologies (such as puppet, chef, ansible, etc.)
  • Experience with one or more modern RE tools: IDA Pro, WinDbg, Radare2, Ollydbg, Binary Ninja.
  • Strong knowledge of open-source libraries/packages.
  • Experience architecting, deploying and managing a suite of security management tools, including tools for: WAF, SIEM, log management, DDOS protection, Pen-testing, vulnerability management, automated code analysis, and anti-malware.
  • Excellent oral and written communication skills.
  • Awareness of security standards and frameworks relevant to the SaaS industry (e.g. ISO, NIST, CSA).
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
    • JavaLanguages
    • KotlinLanguages
    • PythonLanguages
    • SwiftLanguages
    • HadoopLanguages
    • ReactLibraries
    • Styled-componentsLibraries
    • JestLibraries
    • LernaLibraries
    • WebpackLibraries
    • StorybookLibraries
    • GatsbyLibraries
    • ExpressFrameworks
    • Node.jsFrameworks
    • Apollo GraphqlFrameworks
    • VueFrameworks
    • OracleDatabases
    • Google AnalyticsAnalytics
    • IllustratorDesign
    • InVisionDesign
    • SketchDesign
    • ConfluenceManagement
    • JIRAManagement
    • TrelloManagement

Location

2416 E 6th St, Austin, TX 78702

An Insider's view of H-E-B

What’s the vibe like in the office?

What really drives the vibe at our office is our incredible people. Everyone at HEB Digital has a unique expertise to learn from, and we are always encouraging each other or willing to offer a helping hand. It’s the same friendly attitude I know from decades of shopping at HEB, and it’s a true joy to be a part of as a member of our digital team.

Laura

Software Engineer II

What's the biggest problem your team is solving?

The biggest problem the team & I are solving is bringing Curbside & Delivery to the forefront of the H-E-B mobile app. In this modern workflow, customers will be treated to a white-glove experience within the app; searching, browsing, and sorting at your at your finger tips! I'm personally focused on the C's: Coupons, Cart, & Checkout.

Kayla

Sr. Product Manager

What makes someone successful on your team?

The opportunity & impact you can have at H-E-B truly is unmatched. We’re building a huge team of design-oriented, user-centric problem solvers. Folks who are passionate about shipping solutions to millions of loyal customers. It’s the challenge of a lifetime! You need to be hungry to compete against the biggest names out there in grocery & retail.

Evan

Senior Director, Product

How do your team's ideas influence the company's direction?

By building heb.com to be a reflection of the amazing experience that customers have in our stores, we can build a tremendous foundation for HEB’s digital presence. Similarly the innovations and designs that we implement on the UI engineering team will build towards a uniquely successful in-store experience for our communities.

Anna Louise

Engineering Manager

What does career growth look like on your team?

At H-E-B, the scope of interesting challenges is big! We’re building a team that is passionate about making an impact on users, the organization, & want careers where they can stay curious & work on problems spanning many verticals of expertise. Our Partners are connected to opportunities that will excite them, grow their design & leadership skills

Angela

Senior Director, Design

What are H-E-B Perks + Benefits

H-E-B Benefits Overview

Valued Partner Perks Card
We appreciate all that our Partners do. That’s why, as a Valued Partner Perks member, you’ll enjoy a 10% discount on all H-E-B Own Brand Products, plus enjoy additional offers and special savings throughout the year.

Partner Health Plan
From head to toe, and everything in-between, our Partner Health Plans have you (and your loved ones) covered.

Partner Stock Plan
At H-E-B we believe that a company of Owners will outperform a company of employees any day of the week. The Partner Stock Plan allows Partners to share in the performance of H-E-B stock!

401K Plan
Because we care about the future of our Partners, our 401k plan offers a $1.60 match for each dollar contributed up to 2.5% of your salary.

Culture
Volunteer in local community
Friends outside of work
Eat lunch together
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Unconscious bias training
Diversity manifesto
Someone's primary function is managing the company’s diversity and inclusion initiatives
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Onsite Gym
Team workouts
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Employee Stock Purchase Plan
At H-E-B we believe that a company of Owners will outperform a company of employees any day of the week. The Partner Stock Plan allows Partners to share in the performance of H-E-B stock.
Performance Bonus
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Family Medical Leave
Adoption Assistance
Company sponsored family events
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
Paid Holidays
Paid Sick Days
Perks & Discounts
Beer on Tap
Casual Dress
Commuter Benefits
Free Daily Meals
Game Room
Stocked Kitchen
Some Meals Provided
Happy Hours
Parking
Recreational Clubs
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Promote from within

Additional Perks + Benefits

A job at H-E-B is an opportunity for a rewarding, never boring, career. An opportunity to utilize your talent and strengths to innovate and make a difference across multiple areas of the business, from stores, to corporate, to Manufacturing, Warehousing, & Transportation.
Your Career at H-E-B can be anything you want!

More Jobs at H-E-B8 open jobs
All Jobs
Design + UX
Dev + Engineer
Operations
Product
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView H-E-B's full profileSee more H-E-B jobs