Senior Application Security Engineer - Dublin, Ireland
- Location DUBLIN, IRELAND
- Department Technology
- Team Security
- Employment Type -
- Position -
- Requisition GH1067520
What you'll do at
We need super smart engineers from all levels to help us build one of the best engineered e-commerce platform in the world (big talk we know, but that is our goal!). Our engineers combine creativity, curiosity, and drive to continuously perfect and revolutionize Jet from the inside out. Jet is a technology first company and prides itself on its culture of learning and knowledge sharing and we want all our engineers to be as passionate as we are!
We have a hybrid configuration with on premise servers and cloud based servers using Microsoft Azure with a large number of technologies and middleware. Our team uses a mix of Windows, Apple, and some Linux for our systems management platforms and cutting-edge network equipment. About 50% of the development platform runs on Linux and the rest Windows.
Jet continues to grow an elite information security team and is looking for a strong hands-on Senior Application Security Engineer. You will support the largest private organization in the world and you’ll be able to access the resources and scale of a Fortune 1 company, while leveraging the innovative technology and nimble environment of an early stage startup. You will be a key member of the enterprise security team, and will work closely with application teams to assess the application threat landscape, build security into the SDLC and develop secure solutions that integrate seamlessly in agile development processes. As a Senior Application Security Engineer, you will work with new technology and implement security solutions to improve the enterprise application security posture.
- Developing secure application frameworks and services for enterprise consumption
- Performing application threat modeling
- Guiding application development teams to integrate secure development practices in enterprise build and deploy solutions
- Participating in enterprise design reviews
- Evaluating application security tools and deploying new automation strategies to improve our enterprise application security posture
- Enhancing the enterprise security posture by identifying security vulnerabilities and weaknesses in applications and infrastructure
- 3+ years hands-on experience in Information Security
- Programming experience in Python, Bash, C# .NET, or Java
- Substantial knowledge of web application attacks and defense strategies (SQL injection, XSS cross-site scripting, CSRF, DoS, logic flaws, API attacks, etc...)
- Background in penetration testing using tools such as Nessus, Burp, Volatility Framework, Metasploit, etc.
- Detailed understanding of Windows, OS X, and Linux security
- Experience with managing endpoint and server protection technology such as anti-malware, whitelisting, and vulnerability management tools
- Hands-on experience and working knowledge of Azure services and experience building High-Availability environments.
- Experience with Splunk or similar log management tools
- Contributions to the security community such as research, CVEs, presentations, bug-bounty recognitions, open-source, blogs or publications.
- Strong communication skills and the ability to work collaboratively with IT staff
Health & Wellness
Healthy snacks, gym membership, in-house yoga classes, games room, relaxation rooms, wellness events.
Pension plan, full medical insurance – family plan (with dental and vision), life insurance, Equity, Annual reviews and bonus.
Minimum 5 Weeks Vacation & flexible time
Take a break and detach. We mean it!
Events & Education
Personal training budget, tech meet-ups, parties and milestone celebrations, continued learning, hard and soft skills training, travel opportunities. Join us at our next event: https://www.meetup.com/Jet-Technology-Dublin/
All this… and much more
Modern office in Dublin City Centre with standing desks and whiteboard walls, stocked kitchen with 24/7 snacks and regular team breakfast/lunch/happy hours, bike-to-work scheme, tax-saver commuter ticket system, discounts on Jet.com and many others.
Our Privacy Statement for Jet websites
We understand how important your privacy is to you.
Our aim is to be as clear and open as possible about what we do and why we do it. Jet understands the importance to its users of their online privacy.
This Jet website is run by Walmart Inc. ("we", "us", "our")
Information we collect
You can have a look through the site without giving us any of your personal information (though, as mentioned below, we do automatically collect certain information with respect to usage of our site).
If you decide to apply for a position with Jet through the site or an agency, Jet will need to collect and process your personal information, including:
- Name, address and postcode - We need this to send you all of the recruitment information.
- E-mail address - We send a confirmation of your application by email. We may use e-mail or telephone to speak to you about similar vacancies unless you have asked us not to. We may also contact you by e-mail if you have only partially completed an application. But don’t worry. We won’t fill up your inbox with boring emails.
- Contact telephone numbers - If there are any problems with your application, or we have to clarify anything with you, we need to be able to contact you quickly. Again, we certainly won’t call you for any other reason.
- Your application – Well, we definitely need this so we can assess you. Such personal information will include details of your skills (including education, professional qualifications and training), employment history and referees. You should only provide the personal information required by our application template. This template includes a question about any adjustments that may be required should you be invited for an interview or assessment.
- Criminal records checks – For some roles, we might need to enquire about previous criminal convictions or carry out criminal records checks which are relevant to the role. If this is necessary, we’ll make you aware of this as early in the recruitment process as possible.
- Sensitive personal information relating to your gender, race or ethnic origin, religion or belief, age bracket, details of any disability and sexual orientation is requested for the purpose of monitoring the effectiveness of our Equal Opportunities policy. This information is held in anonymous form and is not directly accessible by Jet.
- Basic documentation checks. We are required by law to make basic documentation checks on every candidate. Please note that we’ll ask you to provide documentation of your eligibility to work in the UK if you’re invited to attend the next stage of the recruitment process with us. Other relevant personal information specified during the online application process that is relevant to recruitment.
How we use the information we collect
The personal information you provide will be used to:
- Process your application.
- Consider you for the position you have applied for, and any upcoming vacancies that are suitable (unless you have opted not to be contacted in respect of subsequent vacancies).
- Fulfil Jet's legal obligations.
- Carry out internal record keeping.
- Provide general information (which does not identify individuals) and statistics to help Jet develop its websites and services.
- Make up part of your personnel records if your application is successful. However, this will only be for as long as it’s relevant to your employment at Jet.
- Approach your nominated referees for the purposes of obtaining references.
- Carry out equal opportunities monitoring (see above re: sensitive personal information)
- Check your eligibility to work in the UK
Where you provide personal information about somebody else, like your referees, you should always ask them beforehand to get their consent.
We also use information collected through cookies – the way in which we do this and the reasons why are outlined below in the section on Cookies we use and why we use them.
As mentioned above, we may keep your job application and use it with respect to any future jobs with Jet that become available in the future. If you don’t want us to do so, let us know.
When you visit our site, we will automatically receive your IP address, a unique identifier for your computer or other access device.
Our sites use a number of different cookies. Below we explain the cookies we use and why we use them.
What is a cookie?
A cookie is a small text file that may be placed on your device when you visit our sites. When you next visit our sites, the cookie allows us to distinguish your device from other users.
There are two broad categories of cookies:
- Persistent cookies
Persistent cookies remain on your device until deleted manually or automatically.
- Session cookies
Session cookies remain on your device until you close your browser when they are automatically deleted.
Cookies we use and why we use them
- Essential cookies
Essential cookies are technical cookies that are required for the operation of our sites. Without essential cookies our sites can’t operate properly. Essential cookies include, for example, cookies that enable you to log into secure areas.
- Performance cookies
Performance cookies allow us to recognise and count the number of visitors to our sites and to see how visitors move around them. This helps us to improve the way our sites work by enabling us to tailor our sites to the way visitors use them. The information we collect from performance cookies is aggregated which means that we cannot directly identify you from it.
- Experience cookies
Experience cookies allow our sites to remember the choices you make. Our sites use experience cookies to provide you with enhanced and personalised features. For example, we use information collected through what are known as “web-analytic” cookies to compare the choices you make to those of our other users so that we can learn from those choices. Information collected by experience cookies cannot track your browsing activity when you leave our sites to browse other sites.
- Marketing cookies
Marketing cookies record your visits to our sites, the pages you have visited and the links you have followed. We use this information to make our sites and the advertising displayed on them more relevant to your interests. For example sometimes we use marketing cookies to limit the number of times that you see an advert. Sometimes we share information about your browsing activity, (which we have collected from cookies), with our advertising partners. They may use this information to advertise products, which may interest you, on other sites.
However, if you do disable cookies, it is possible that you may not be able to access all or parts of our sites. If you carry on using our sites and do not change your browser settings or disable cookies, we will understand that you consent to us using cookies as described above.
If you wish to opt-out of being re-targeted via display and search ads, and/or advertised to via cookies’ tracking, please click here to find out how to do so.
Why are we allowed to collect your information?
The reason depends on the particular activity we use your Information for. During the recruitment process, we will collect your Information if one of the following applies:
- We need to use your Information to enable us to run our business successfully (the law calls it “legitimate interests”). This includes recruitment and hiring processes.
- We can only do this if we can show that there is little or no risk to you or your personal information rights (see “Your Rights”)
- We believe that our use of your personal information for recruiting purposes creates little or no risk to you or your rights but we want to be sure that you are happy for us to do it, so we will always ensure that we put you and your interests first.
- We also make it easy for you to exercise your right to ask us to stop processing your application at any time– simply contact us at the address provided in the Your Rights section.
- We need to use your information to comply with a law which we are subject to or we are legally obligated to do so. Where the law tells us that we need to use certain information, then we are allowed to do so, as long as we only use it for that purpose.
- You have specifically given us your permission (the law calls it “consent”). Where we need your consent to use your personal information for a particular purpose, we must be able to show that the consent is:
- Specific – we have to tell you exactly what activity your consent covers.
- Informed – we have to provide you with clear details of what you are consenting to.
- Freely given – you must have a genuine choice; for example, we couldn’t say “by registering for our free Wi-Fi, you consent to us sending you marketing emails” because that would prevent you from using the Wi-Fi service if you chose not to consent to marketing emails.
- Unambiguous – this means that you must have clearly indicated your wishes by confirming your agreement to a statement (e.g. by ticking a box) or taking some positive action to show that you intended to give your consent.
We will need your consent for the following activities – we will always make it clear at the time:
- Placing cookies on your device to find out how you use our websites so we can personalise what you see by tailoring advertisements and notifications to the things you are interested in
- Using the location tracking function on your mobile device to enable location based services and advertising
- Certain situations where you share sensitive Information about yourself, such as your health
Who we share the information with
We may share your information collected through cookies with advertisers and adverting networks so that we or they can show you relevant and interesting ads on and off our services. However, we do not share information that personally identifies you (personally identifiable information is information like name or email address that can by itself be used to contact you or identifies who you are) with advertising, measurement or analytics partners unless you give us permission. We may provide these partners with information about the reach and effectiveness of their advertising without providing information that personally identifies you, or if we have aggregated the information so that it does not personally identify you. For example, we may tell an advertiser how its ads performed (e.g. 500 men aged under 30 have clicked on their ad on any given day).
Processing by third parties
In order to carry out the steps set out above we may send your personal information outside of the European Economic Area and, if necessary, across international borders. The data protection laws in these countries may not be as comprehensive as in the European Economic Area. However, we have taken appropriate steps to make sure the same level of protection for the processing carried out in these countries as within the European Economic Area. Any details you provide may be electronically sent to the US to our parent company Walmart Inc., which helps us in running our websites. However, any such information will be dealt with in accordance with the Irish Data Protection Acts 1988 and 2003.
Storage of data
We will not store your personal information for any longer than we need to. However, we may be obliged by law to store your communications and personal information including activity logs and we may need to show details of these to government or authorised officials upon request. Like many websites, we use log files to monitor the effectiveness of our online marketing programmes.
How long do we keep your information?
Successful candidate information will be transferred onto their employee personnel record and will be held for the time they are employed by Jet and an additional 7 years once they leave the business.
Unsuccessful candidate information will be held for one year following the application to allow for the candidate to appeal the decision.
Potential candidates held with our candidate relationship management database will be retained for 12 months after the last contact and be given the opportunity through the process to remove their information if they choose to do so.
You have a right to access the personal information that is held about you. To obtain a copy of the personal information Jet holds about you, please write to us at the following address enclosing your postal details and a cheque for €6.35, which we are entitled by law to charge, payable to Jet Engineering Technology Limited:
C/O Talent Department,
Jet Engineering Technology Limited
2nd Floor 1-2 Victoria Buildings
You can also request that we update, correct or delete any inaccuracies in your personal data. You may also request that we cease processing your personal data where such processing is causing you harm. You can do this by contacting us at the above address.
If you send us a request to exercise any of these rights and we don’t complete it within a month, or if you are unhappy about the way we or any of our partners are handling your personal information, you can lodge a complaint by contacting us at the address above
If you are not happy with our response or handling of your complaint, you have the right to report your concern to the Data Protection Commissioner, whose contact details can be found on their website at: https://www.dataprotection.ie.
We seek to ensure that we keep your personal information accurate and up to date. However, you are responsible for informing us of any changes to your personal information and other information (such as a change in contact details) as this is out of our control.
Third-party privacy practices
Our site may contain links to and from the websites of our trusted partners and trusted networks, advertisers, and affiliates. If you follow a link to any of these websites or ask us to provide your information to a third party, please note that such third parties have their own privacy policies and that we do not accept any responsibility or liability for these policies or such parties’ privacy practices or conduct.
Notification of changes to this policy