Engineer Sr., Application Security

Carnival Corporation is the world’s largest leisure travel company, and they are seeking a Senior Application Security Engineer to implement and maintain software security capabilities. This role involves collaborating with development teams to enhance security practices and automate governance processes in a cloud-based environment.

Responsibilities:

• Program, engineer, implement, and administer IT Security technical controls and tools to assess vulnerabilities, misconfigurations and incidents
• Consult with development teams to test and assess software vulnerabilities from sources like security scanners and bug bounty programs
• Implement and automate new governance processes and controls to ensure that application security activities are being carried out and are done so easily by software development teams
• Develop and maintain cloud infrastructure and Kubernetes clusters using modern techniques like infrastructure as code (IaC) to host Application Security capabilities for consumption by brand teams
• Perform security reviews of applications and releases to ensure they meet relevant policies, standards, and guidelines

Requirements:

• Bachelor's Degree in Computer Science, Software Engineering, Mathematics, or similar; 5+ years of professional experience
• Hands-on experience writing software applications, including APIs, web applications, and scripts
• Strong experience operating and administrating common security tools like SAST and DAST scanners
• Strong experience communicating security findings to teams and following through on remediation efforts
• Hands-on experience performing threat modeling and adversarial testing of software applications
• Hands-on experience with cloud-native application development and operations, including the use of CI/CD pipelines, cloud compute resources, and containerization (e.g. Docker and Kubernetes)