Sr. Application Security Engineer

San Jose, California Requisition Number R0037668 Subsidiary eBay

eBay is a global commerce leader that allows you to shape how the world buys, sells, and gives. You’ll be part of a work culture that’s been genuinely committed to diversity and inclusion since its founding more than 20 years ago. Here, you can just be yourself, do your best work, and have a meaningful impact on people across the globe. We are seeking people with drive, ideas, and a passion for helping small businesses succeed to help shape the future of eBay—does this sound like you? If so, we’d love to talk to you!

We are looking for a highly motivated Application Security engineer to join eBay’s Global Information Security team to take on the problems of tomorrow while continuing to build and secure the foundation of today.

About this role:

This position is in eBay’s Application Security team under the Information Security umbrella.

We would like someone with deep familiarity with securing products and moving them through a secure SDLC. Work with internal and partner teams to secure eBay Applications, APIs, Javascripts, etc. from security attacks. Deep analysis of security threats through application data sharing is required. You would partner with software development, engineering and product teams daily, helping support the security approvals for applications, drive and improve Application Security processes.

Job Function:

  • Ensure applications and products are secured by driving them through the Secure SDLC processes.
  • Strong emphasis on ensuring security of Applications, Data sharing flows, APIs, JavaScript's and threats from the supply chain.
  • Conduct and drive security design reviews and threat modeling of Applications
  • Partner with Software Development, Engineering and Product teams every day to support their security needs
  • Conduct Application Security scans, code audits and approvals
  • Evangelize security with development teams through Security training programs
  • Triage and drive remediation of security vulnerabilities through the organizations bug bounty program
  • Define overall security strategies and procedures
  • Be instrumental in approving the launch of applications to production after ensuring alignment to security processes
  • Define operational processes to ensure predictable software development outcomes; refine Information Security processes and procedures.
  • Develop and maintain security utilities and metrics dashboards to help track/report on compliance
  • Evaluate software security products and technologies, as required

Job requirements:

  • BSCS degree or an MS degree with appropriate years of experience; We prefer 4-8 years.
  • Ability to conduct secure Software Development lifecycle processes
  • Understanding of threat vectors at Application level is required for web and mobile applications.
  • Must have strong working knowledge of security design reviews.
  • Be able to drive threat modeling exercises
  • Dive deep into security and data sharing threats from Applications, APIs, Client and server side scripts and supply chain attacks
  • Ability to engage with global application and engineering teams, business partners and product managers
  • Ability to deep dive into data and analyze for security and fraud anomalies.
  • Strong knowledge of Application Security Strategies is required
  • Interact with development, engineering and product teams daily.
  • Strong communication and interpersonal skills are extremely desirable
  • You would be encouraged to handle vulnerability remediation of applications and web services, analysis of scan reports and be the first line of interaction and support for security questions from all partner teams
  • Ability to determine risk based on context
  • 2+ years of related hands-on security product development experience (Java, Python, JS) with web applications would be a desirable addition.
  • Experience in other technologies like Java, PHP and Node.JS is a bonus.
  • Ability to build automation tools for security processes for both mobile and web applications is a plus
  • Ability to clearly articulate issues and communicate in an effective and personable manner
  • Ability to adjust quickly to the security needs of a highly agile organization

BENEFITS:

Benefits are an essential part of your total compensation for the work you do every day. Whether you’re single, in a growing family, or nearing retirement, eBay offers a variety of comprehensive and competitive benefit programs to meet your needs. Including maternal & paternal leave, paid sabbatical, and plans to help ensure your financial security today and in the years ahead because we know feeling financially secure during your working years and through retirement is important.

Here at eBay, we love creating opportunities for others by connecting people from widely diverse backgrounds, perspectives, and geographies. So, being diverse and inclusive isn’t just something we strive for, it is who we are, and part of what we do each and every single day. We want to ensure that as an employee, you feel eBay is a place where, no matter who you are, you feel safe, included, and that you have the opportunity to bring your unique self to work.. To learn about eBay’s Diversity & Inclusion click here: https://www.ebayinc.com/our-company/diversity-inclusion/.

This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies

View our privacy policy

View our accessibility info

eBay Inc. is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status.  If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talent@ebay.com.  We will make every effort to respond to your request for disability assistance as soon as possible.

For more information see:

EEO is the Law Poster

EEO is the Law Poster Supplement

Your Saved Jobs

You have not saved any jobs.

Recently Viewed Jobs

You have not viewed any jobs.

SIGN UP FOR JOB ALERTS

Receive new career opportunities as soon as they become available!

Areas of InterestSearch for a category, location, or category/location pair, select a term from the suggestions, and click "Add".

  • IT and Technical Operations, San Jose, California, United StatesRemove