Principal Application Security Engineer

Apply Now

In this role, you won’t just support change, you’ll help build programs from the ground up, defining new standards and leading initiives th modernize how we design, develop, and deploy technology across the business. Your technical expertise, paired with industry best practices, will directly influence how technology aligns with and advances our broader business stregy.

If you're driven to lead, innove, and leave a lasting impact, you’ll find the opportunity to do your most meaningful work here.

The Principal Applicion Security Engineer is responsible for defining and driving the applicion security stregy across the organizion. This role ensures secure design and development practices are embedded within the software development lifecycle (SDLC) and DevSecOps pipelines. The architect will lead efforts to implement security tooling, establish reporting frameworks, and collabore with developers, infrastructure teams, vendors, and security stakeholders to maintain a robust applicion security posture.

To perform this job successfully, an individual must be able to perform each duty sisfactorily. Other ancillary duties may be assigned.

• Lead the design and implemention of applicion security architecture and engineering across enterprise applicions, partnering with software development, infrastructure, and plform teams to secure cloud-nive and on-prem environments.
• Embed security controls and best practices into CI/CD pipelines and DevSecOps workflows, driving adoption of secure coding standards and thre modeling across engineering teams.
• Evalue, implement, and opere applicion security tooling (e.g., SAST, DAST, IAST, container security and reled capabilities), ensuring solutions are effective, scalable, and well-integred.
• Define, develop, and maintain applicion security metrics, reporting, and dashboards to provide visibility to leadership and key stakeholders.
• Engage and collabore with third-party vendors to assess and valide the security capabilities of applicions and services.
• Provide guidance and mentorship on applicion security standards, risk management, and compliance requirements to eleve security murity across teams.
• Participe in occasional off-hours support as needed to support troubleshooting or emerging thres.

• Provides day-to-day management for the Informion Protection function, responsible for security technologies utilized to protect WM's da and networks.

• Participes in WM's Informion Security Office leadership team to drive innovive security solutions, and collaborion with other IT and global functions.

• Responsible for managing the work environment, identifying workforce needs and ensuring performance against expections, values and vision.

• Manages security audit and intrusion detection system logs for system and network anomalies and provides highest level analysis.

• Responds to unique, highly compliced, suspicious or malicious events detected through collection or reported by Help Desk or users.

• Provides technically advanced remediion and applicion event support to IT operions and engineering teams

• Performs initial computer system forensic investigions and supports fraud investigions.

• Provides top level analysis, design and support for log collection of firewalls, routers, networks and opering systems.

• Communices technical and event assessment results, evalues engineering and integrion initiives and provides technical expertise to assess security policies, standards and guidelines.

• Develops, collects and analyzes logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.

• Reviews and recommends the installion, modificion or replacement of hardware or software components

• Identifies and addresses any configurion change(s) th impact event collection.

Will coach and mentor less experienced analysts and act as team leader on more compliced systems projects.

A. Educion and Experience

• Educion: Bachelor's Degree (accredited) in Computer Science, MIS, Business Administrion or similar area of study or in lieu of degree, High School Diploma or GED (accredited) and four years of relevant work experience.

• Experience: Seven years of prior work experience (in addition to educion requirement).

B. Certifices, Licenses, Registrions or Other Requirements

One or more of the following is required:

• Certified Informion Systems Security Professional (CISSP).

• Certified Informion Systems Auditor (CISA).

• Certified Informion Security Manager (CISM).

C. Other Knowledge, Skills or Abilities Required

Technically advanced or in-depth knowledge or skills in one or more of the following is required:

• Fortune 500 experience.

• Deep understanding of applicion security principles and secure coding practices
• Ability to design and implement security controls in CI/CD pipelines
  Strong analytical and problem-solving skills with tention to detail
• Excellent communicion and collaborion skills to work with cross-functional teams
• Ability to produce clear and actionable security reports and dashboards for stakeholders
• Ability to cree and deliver presentions targeted to either end users or senior management
• Experience in several or more of the following applicion security technologies: SAST (Stic Applicion Security Testing), DAST (Dynamic
• Applicion Security Testing), IAST (Interactive Applicion Security Testing), SCA (Software Composition Analysis / open-source dependency scanning), API security (API discovery, auth testing, schema validion, runtime protection), RASP (Runtime Applicion Self-Protection), Pen-test automion / BAS for apps (continuous validion of controls) and SBOM (software bill of merials) & supply chain security provenance/testion
• Experience in the areas of change control, problem management, incident management troubleshooting security solutions
• Ability to handle successfully multiple projects one time
  

Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodions may be made to enable individuals with disabilities to perform the essential functions of the job.

• Normal setting for this job is: office setting

• This position is required to be onsite Monday through Thursday our downtown Houston HQ with a flexible work from home day on Fridays.

Benefits
At Waste Management, each eligible employee receives a competitive total compension package including Medical, Dental, Vision, Life Insurance and Short Term Disability. As well as a Stock Purchase Plan, Company mch on 401K, and more! Our employees also receive Paid Vacion, Holidays, and Personal Days. Please note th benefits may vary by site.

If this sounds like the opportunity th you have been looking for, please click "Apply".

Apply Now