Senior IT Application Security Engineer

As a family company, we serve people and communities. When you work at Meijer, you’re provided with career and community opportunities centered around leadership, personal growth and development. Consider joining our family – take care of your career and your community!

 

Grab the Good Stuff:

• Weekly pay

• Team member discount

• 401(k) with company contributions

• Paid parental leave 

• Paid education assistance

• Development programs for advancement and career growth

• Medical/dental/vision

• And more!

 

Please review the job profile below and apply today!

The Senior IT Application Security Engineer is recognized as a subject matter expert in secure application design, threat modeling, and secure coding practices. You will assist software development teams in designing, creating, and implementing secure solutions by ensuring that security checks are followed throughout each phase of the software development life cycle (SDLC). You are expected to take a proactive leadership role in driving application security initiatives and define, communicate, and enforce application security standards across the organization. You will lead opportunities to enhance security processes and mentor team members by sharing your expertise. You will also identify security knowledge gaps and present training to IT stakeholders. Additionally, you will champion efforts to advance the maturity of the application security program to help foster a culture of continuous improvement.

What You'll be Doing: 

• Develop and provide presentations on application security topics to both technical and non-technical audiences. 

• Advise executive leadership on current and evolving threats to enable risk-informed decisions. 

• Mentor members of the information security team on matters of application security. 

• Facilitate third-party penetration tests, triage findings, and create remediation plans with development teams. 

• Provide tailored remediation guidance to software developers to address security findings. 

• Provide architectural and security guidance for third-party platforms and services as they integrate into Meijer environments and/or code.  

• Review the security of third-party/open-source software used by Meijer. 

• Provide risk-based analysis of security posture to drive business decisions. 

• Foster relationships with key business partners to create a culture of security and achieve prioritization of security initiatives. 

• Develop internal security tooling for identifying or remediating security risks. 

• Assist/lead on matters of application security in the event of an incident. 

• This job profile is not meant to be all inclusive of the responsibilities of this position.  May perform other duties as assigned or required. 

What You Bring with You (Qualifications): 

• Bachelor’s degree or above in Computer Science, Information Security, or related field. 

• At least four years of professional experience, with at least two years in a security field and at least one year with direct experience writing code. 

• Familiar with object-oriented programming and have written code in one or more programming languages (e.g. C#, Java, C++). 

• Agile/Scrum, SAFe, or Lean certification preferred. 

• Familiarity with secure coding best practices such as the OWASP Top 10. 

• Knowledge of common application architectures and the relative risks associated with them (e.g. single page apps, client-server, native mobile, microservices). 

• Foundational knowledge of security practices in several applied contexts, e.g. networking, cloud infrastructure, containerization, operations, audit, or governance. 

• Knowledge of relevant technology, tools, databases, and development techniques. 

• Strong focus on team dynamics and interpersonal relationships. 

• Strong sense of task ownership with consistent follow-through. 

• Ability to anticipate risks and devise solutions with limited information or context. 

• Excellent project management, organization, and team collaboration skills. 

• Curiosity to learn. 

• Capable of defining and measuring key performance indicators. 

• Able to work cross-functionally with IT and business partners across all areas of Meijer and vendor partners. 

• Adaptive, flexible, and responsive to challenges. 

• Awareness of how security controls influence both internal stakeholders and Meijer customers. 

• SANS/GIAC, CompTIA, ISC2 (e.g. CISSP) or other applicable industry certifications preferred. 

We are committed to offering competitive pay that reflects market standards and ensures consistency within our organization.

The pay range for this position is listed below.

$120,750.00 - $191,000.00

This pay range represents the minimum and maximum base pay for the position, which is determined by factors such as market data, the qualifications required, the level of responsibilities associated with the role and other roles at this same level. Your specific pay rate within this range will be based on your experience, qualifications, and skills compared to the internal team you’ll be joining.

We offer a comprehensive benefits package that includes medical, dental, vision, life insurance, a 401(k) plan with employer match, disability leave, and paid time off (PTO). In addition to these core benefits, we are committed to supporting your overall well-being and career growth. Our offerings include a variety of programs designed to support your personal and professional development, such as paid parental leave, paid education assistance (including free education), a childcare subsidy and more. We are dedicated to creating a work environment that promotes work-life balance, long-term health and financial security, and continuous professional development

The interview process is intended to learn more about your personal skills and experience. To this end, we ask that candidates do not use AI tools during the hiring process.

Please note:

• Cameras must be turned on during all virtual interviews.

• AI tools may not be used during any part of the interview process.