Application Security Engineer

C.H. Robinson is looking to hire an Application Security Engineer. In this role you will be responsible for improving the security of our applications and supporting its technology platforms (such as Hashicorp Vault, etc.). As a member of a globally distributed security team, you will have a direct impact on the organization's security program. You will be involved in identifying security alerts and working with application owners to remediate issues. As a subject matter expert, you will be responsible for maintaining and building upon developer-facing application security policy and best practice documentation.

C.H. Robinson recognizes the importance of workplace flexibility. We are committed to providing a remote-friendly work environment, both now and in the future. Our global technology teams will continue to have the flexibility that enables you to work where you are most effective, whether that be remote or in the office.

Responsibilities:

• Maintain day-to-day operations of HashiCorp Vault, Consul, and Terraform - a Secret management tool
• Monitor logging and alerting and respond to the issues in the vault and other security tooling systems
• Troubleshoot application security support requests and application security tooling in developer pipelines (ADO, Jenkins, Octopus Deploy)
• Design and build developer-facing self-service automation experiences while maintaining existing application security automation
• Serve as a source of expertise in security best practices to engineering and development teams
• Implement tools to test and enforce application security policy as part of DevSecOps pipeline
• Maintain current situational awareness of trends in cybersecurity threats and specific organizational threats
• Serve as on-call support rotationally to address critical incidents

Required Qualifications:

• Bachelor's degree or equivalent work experience and a high school diploma/GED
• Experience with Hashicorp Vault and ability to troubleshoot both application and client end
• Automation skills of any capacity (Terraform, Github actions, Azure Pipelines, Python, or shell scripting)
• Solid grounding in information security principles and web application security
• Experience integrating security into SDLC including Static Analysis, Dependency Scanning, and Dynamic Testing (Github, SonarQube, Burp suite, Dependabot, Vault)
• Ability to meet aggressive deadlines while working complex projects across multiple groups and geographies
• Ability to understand potential impact through triage and work with teams to remediate findings

Preferred Qualifications:

• A strong troubleshooting mindset (SOC level)
• Ability to work in a support capacity
• Strong documentation skills
• Experience with building, maintaining, and troubleshooting Github Actions and Azure Pipelines
• Experience triaging application security findings and alerts
• Experience with the Github Security portfolio (Dependabot, Secret Scanning, CodeQL.)
• Good understanding of Kubernetes and containerization environments
• Experience with troubleshooting in cloud environments
• Experience with Cloud Security Posture Management tools
• Experience with Okta, Azure AD, OAuth 2.0, OIDC
• Previous experience establishing and utilizing measurements, processes, and metrics to manage support activities
• Knowledge of mobile application and device security (iOS/Android)
• Experience with C#, JavaScript and Node.js development
• Excellent communication skills - ability to partner, gain trust, influence, coordinate, and motivate resources
• Proactive, accountable, autonomous, and solutions oriented
• Growth mindset to learn and take on new challenges
• Values a diverse and inclusive work environment

Questioning if you meet the mark? Studies have shown that women and people of color may be less likely to apply unless they match the job description exactly. Here at C.H. Robinson, we're building a diverse and inclusive workplace where all employees feel they belong. If this position excites you, we welcome you to apply whether you check all the preferred qualifications or just a few. You may just be our next great fit!

Equal Opportunity and Affirmative Action Employer

C.H. Robinson is proud to be an Equal Opportunity and Affirmative Action employer. We believe in equality for all and celebrate the diversity of our employees, customers and communities. We believe this increases creativity and innovation, drives business growth and enables engaged and thriving teams. We're committed to providing an inclusive environment, free from harassment and discrimination, where all employees feel welcomed, valued and respected.

Affirmative Action Employer/EOE/M/F/Disabled/Veteran

Benefits

Your Health, Wealth and Self

Your total wellbeing is the foundation of our business, and our benefits support your financial, family and personal goals. We provide the top-tier benefits that matter to you most, including:

• Two medical plans (including a High Deductible Health Plan)
• Prescription drug coverage
• Enhanced Fertility benefits
• Flexible Spending Accounts
• Health Savings Account (including employer contribution)
• Dental and Vision
• Basic and Supplemental Life Insurance
• Short-Term and Long-Term Disability
• Paid and floating holidays
• Paid time off (PTO)
• Paid parental leave
• Paid time off to volunteer in your community
• Charitable Giving Match Program
• 401(k) with 6% company matching
• Employee Stock Purchase Plan
• Plus a broad range of career development, networking, and team-building opportunities

Dig in to our full list of benefits on OUR CULTURE page.