Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Principal Application Security Engineer

iHerb Inc.

Location and Remote Policy United States of America – Remote / Home Office – must reside in U.S. Role Overview Are you passionate about securing global‑scale e‑commerce services and applications that power millions of customers across more than a hundred countries? We are looking for a hands‑on Principal Product Security Engineer to lead Secure Development Lifecycle assurance processes, security automation technologies, the hardening strategy across our product, and respond to current and emerging security threats. Responsibilities Lead cross‑functional projects and establish cutting‑edge security development lifecycle practices. Directed security design reviews and threat modeling for new and existing services at iHerb. Evaluate, prototype, implement, and operate security‑focused tools and services. Create new secure architecture standards, frameworks and patterns spanning multiple layers. Discover and analyze emerging security threats, determine applicability to iHerb and proactively implement centralized mitigations. Maintain a strong knowledge of current security threats and operational best practices. Drive security assessment, penetration testing and bug bounty programs. Participate in security incident response. Qualifications Demonstrated technical foundation (Computer Science / Engineering degree or equivalent). 10+ years of technical security leadership at a top‑tier software company including experience with security products, threat modeling, security design, security architecture, cryptography, mobile security and broader cloud computing technologies. Solid understanding of common application and infrastructure security vulnerabilities and mitigations (OWASP Top 10, CWE…). Proficiency implementing SDL process, technology, and automation in a DevOps environment. Experience with large‑scale web applications and microservices, including API design, access management, authorisation, authentication, data protection and encryption. Excellent problem‑solving, critical thinking, collaboration and communication skills. Bonus Qualifications Experience with Cloudflare security, AWS VPCs, EC2 instances and Docker. Ability to drive good decisions through data with great attention to detail and deliver KPIs. Experience driving application security training, security champions and awareness campaigns. Active contributor to the security community (research, open source, publications…). Pay Scale and Benefits The anticipated pay scale for this position can be found below; it may vary by geographic location. The final pay offered to a successful candidate will depend on experience, skill set, and other factors. Employees and their families that meet eligibility criteria may participate in our medical, dental, vision, and basic life insurance programs, and enroll in our 401(k) plan. Employees are also eligible for time off, paid sick leave, and paid holidays. RSUs and annual bonuses may be awarded based on eligibility and performance. For more information on iHerb benefits, visit iHerbBenefits.com. About iHerb iHerb is on a mission to make health and wellness accessible to all. We are the world’s largest e‑commerce platform dedicated to vitamins, minerals and supplements, serving consumers in over 180 countries with more than 50,000 products from 1,800 brands. Equal Opportunity Employer iHerb is an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. iHerb prohibits discrimination and harassment. #J-18808-Ljbffr

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Principal Application Security Engineer in New York, NY vacancy
  • A Fortune-level consumer technology company is seeking a Principal Technical Product Security Engineer to secure complex client applications. This hybrid position involves leading architecture reviews, embedding security in the software development lifecycle, and mentoring... 
    Principal

    Audit Data Search, Inc.

    New York, NY
    2 days ago
  •  ...message the job poster from Signature IT World Inc Skills: Application Security, Burp Suite and Owasp Zap, Offensive Security Testing against...  .... Be a subject matter expert and respond to any security engineering questions/ requests related to Application Defense enhancements... 
    Suggested
    Contract work
    Flexible hours

    Signature IT World Inc

    New York, NY
    1 day ago
  • $140k - $200k

     ...Role As a Senior Application Security Engineer on the Application Security team, you will be a trusted partner to engineering, product, and business teams across Gemini. You will help guide teams to design and build secure products while building systems and culture that... 
    Suggested
    Work at office
    Remote work
    Flexible hours

    Gemini

    New York, NY
    1 day ago
  • $192k - $240k

     ...As a Senior Security Engineer on the AppSec Foundations team, you will be instrumental in making secure behavior the default across the Datadog...  ...on turning findings into systemic improvements Leverage application telemetry (logs, traces, metrics) to assess security posture... 
    Suggested

    Datadog

    New York, NY
    1 day ago
  •  ...Interested in applying for the Senior Application Security Engineer role at Nomura , a leader in global banking and financial services. This position is based in New York, NY, and reports directly to the Application Security Lead. Role Overview We are looking for a talented... 
    Suggested
    Full time

    Nomura

    New York, NY
    1 day ago
  • $180k - $230k

     ...Overview Senior Application Security Engineer role at GlossGenius. GlossGenius is building an ecosystem enabling entrepreneurs to succeed, offering business management tools including booking, marketing, analytics, payment processing, and more. Over 100,000 small business... 
    Work at office
    Remote work
    Home office
    Flexible hours

    GlossGenius

    New York, NY
    1 day ago
  •  ...against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR...  ...disability. Envision yourself at Barracuda As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll... 
    Worldwide

    Barracuda Networks

    New York, NY
    21 hours ago
  •  ...identifying and prioritizing risks specifically related to application security. Develop, socialize, and implement security strategies to address...  ...security control. Requirements Senior Application Security Engineer Mandatory Skills/Experience 12 years of experience in... 
    Flexible hours

    Network Temp Inc

    New York, NY
    9 hours ago
  • $165k - $190k

     ...Senior Application Security Engineer New York, New York, United States Tatari is on a mission to revolutionize TV advertising. Founded in 2016 to help transform the antiquated world of TV advertising through the intelligent application of AI and machine learning,... 
    Work at office
    2 days per week

    Tatari

    New York, NY
    2 days ago
  •  ...Position: Senior Security Engineer – Application Security Location: New York, NY (Hybrid – 4 Days Onsite Per Week) About the Opportunity Our client...  ...secure software development practices and secure coding princip Experience conducting threat modeling, architecture reviews... 
    Full time

    STEPS Talent

    New York, NY
    1 day ago
  •  ...As a Security Engineer at Crosby, you'll play a critical role in designing and implementing the security foundations of our platform. You...  ...speed required in a fast‑moving environment. What you'll do Own application and infrastructure security: Design and implement security... 

    C R O S B Y

    New York, NY
    1 day ago
  • $85.7k - $125.69k

     ...provider of used and new car financing across the country. Our Engineering and Analytics Team Members utilize the latest technology to...  ...work environment and Great Place to Work culture! The Application Security Engineer is responsible for securing the software and applications... 
    Casual work
    Work at office
    Remote work
    Work from home
    Shift work

    Credit Acceptance

    New York, NY
    2 days ago
  •  ...Application Security Engineer Cloud Engineering/DevOps Join a dynamic application security team focused on building and maturing security programs within a fast-paced, collaborative environment. This role involves supporting secure development practices, security operations... 

    Delphi-US, LLC - Peacemakers in the Talent War

    New York, NY
    1 day ago
  • $130k - $200k

     ...function, collaborating closely with software engineering, DevOps, and product teams. Your...  ...identifying vulnerabilities, designing secure solutions, and embedding security practices...  ...reviews, and security assessments of applications and APIs. Build and maintain automated... 

    Franklin Fitch

    New York, NY
    1 day ago
  •  ...and catch regressions — turning production data into better AI with every release. About the Role We're looking for an Application Security Engineer who lives in the code. Braintrust is a real-time, high-availability data platform that runs in both SaaS and self-hosted... 
    Flexible hours

    Brain Trust Inc

    New York, NY
    1 day ago
  •  ...Role Adaptive Security is the fastest-growing company in AI cybersecurity. We started...  ...protecting organizations from AI-powered social engineering - deepfake phone calls, spear phishing,...  ...be best in class. We're looking for an Application Security Engineer to own application... 
    Work at office
    Local area

    Adaptive Security Corporation

    New York, NY
    4 days ago
  • $190k - $250k

     ...performance, our value-oriented philosophy - and our people. We are seeking a Director of Application Security to join Apollo's global Cyber Security & Risk team within Engineering. This leader will define and drive the firm's application security strategy-... 

    Apollo Global Management

    New York, NY
    2 hours ago
  • A CHRLY, baseada nos Estados Unidos, está à procura de um profissional na área de segurança de software. A posição oferece a oportunidade de trabalhar remotamente e é voltada para garantir a segurança das aplicações em todas as etapas do SDLC. Os candidatos devem ter experi...
    Remote job

    CHRLY

    New York, NY
    2 days ago
  • A technology company is seeking a Security Engineer for application security to identify and mitigate vulnerabilities in software applications. This role involves collaborating with development teams, conducting security assessments, and developing security tools. Candidates... 
    Remote job

    OpenAI

    New York, NY
    2 days ago
  • OpenAI is seeking a Security Engineer specializing in Application Security to identify and mitigate vulnerabilities within software applications. Responsibilities include conducting security assessments, developing security tools, and collaborating with development teams... 
    Remote job
    Relocation package

    OpenAI

    New York, NY
    2 days ago
  • $170k - $200k

     ...AI across their organizations. We design and deliver secure, scalable, agentic AI‑native platforms that reshape how...  ...change, this is where you belong. About the Role The Principal Application Modernization Engineer is a senior technical leader who defines the scope of... 
    Principal

    Liatrio

    New York, NY
    2 days ago
  • $210k - $230k

     ...report into the Director, Information Security and build relationships with technology...  ...payment systems to identify and remediate application vulnerabilities. This individual...  ...increase our AppSec posture and enable our engineers to code safely. Innovate with AI and deliver... 
    Full time
    Work at office
    Flexible hours

    Upside

    New York, NY
    2 days ago
  • Braintrust in New York is seeking an experienced Application Security Engineer to enhance platform security for their high-availability data systems. In this role, you will craft secure design practices, review code in TypeScript, Python, and Go, and lead AI-specific security... 
    Flexible hours

    Braintrust

    New York, NY
    2 days ago
  • Crosby is seeking a Security Engineer to design and implement critical security measures for our platform in New York City. You will play...  ...candidates will have 4+ years in security engineering and a strong understanding of application and cloud security. #J-18808-Ljbffr Crosby

    Crosby

    New York, NY
    2 days ago
  • $180k - $250k

     ...beacon of truth in global media and we need your help adding fuel to the fire. About the Role Polymarket is looking for an Application Security Engineer to embed security throughout our software development lifecycle. You'll partner directly with product and engineering... 
    Full time
    Contract work
    Immediate start

    Polymarket

    New York, NY
    a month ago
  • $405k

     ...a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together...  ...AI systems. About the role We are seeking a Security Engineering Manager to lead our Application Security team in ensuring the security and... 
    Work at office
    Visa sponsorship
    Flexible hours
    Shift work

    Anthropic

    New York, NY
    more than 2 months ago
  •  ...We offer complete building controls and engineering solutions, including precision design,...  ...management for greater efficiency, comfort, and security. Job Summary Control Solutions Group,...  ...BAS System Engineer works with the BMS Applications Engineers and Controls Project... 
    Full time
    Flexible hours

    EMCOR Group

    New York, NY
    21 hours ago
  • $105k - $130k

     ...R10091019 Applications Engineer (Open) Location: Twinsburg, OH (AES) – Management – ALTEC Atlanta, GA (APG) – Bulk cryo logistics – ANC Overview As a member of the Airgas ALTEC Engineering Solutions Group based in the Cleveland, Ohio area, this individual will drive the... 
    Local area
    Night shift
    Weekend work

    AIRGAS INC AND SUBSIDIARIES

    New York, NY
    21 hours ago
  •  ...part of Securitas, is a world‑leading provider of integrated security solutions, connecting and optimizing businesses of all...  ...an unparalleled client experience. Position Summary As an Applications Engineer, you will formulate engineered estimates and budgets for new... 
    Temporary work
    For contractors
    Work experience placement
    For subcontractor

    Securitas Technology

    New York, NY
    21 hours ago
  • $130k - $175k

     ...Thank you for your interest in Uncountable Engineering! Description Uncountable is seeking experienced engineers to lead the...  ...to accelerate discovery through Generative AI. As an LLM Applications Engineer, you will be the architect of our LLM infrastructure... 

    Uncountable Inc

    New York, NY
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Principal Application Security Engineer. Be the first to apply!