HD Supply Security Developer in Atlanta, Georgia

Company Overview:

HD Supply ( www.hdsupply.com ) is one of the largest industrial distributors in North America. The company provides a broad range of products and value-add services to approximately 500,000 customers with leadership positions in maintenance, repair and operations, water infrastructure and residential and non-residential construction sectors. Through approximately 500 locations across 48 states and six Canadian provinces, the company's approximately 13,000 associates provide localized, customer-driven services including jobsite delivery, will call or direct-ship options, diversified logistics and innovative solutions that contribute to its customers' success. With an active commitment to the communities in which we operate, HD Supply associates are part of a thriving organization that supports the virtues of wellness, diversity and inclusion – all of which are top priorities for the company. Equally as important is empowering our associates to grow professionally while providing competitive benefits and compensation. If you’re ready to find a rewarding career and achieve your full potential with a growing industry leader, HD Supply is ready for you!

Job Description & Qualifications:

Job Summary

Provide leadership, supervise, and prioritize development activities and staff for an application area. Design processes and metrics for functional area. Work closely with architects to ensure proper system design. Ensures highest quality implementations from design through QA to production. Assist multiple team members and other project leads in the day-to-day activities related to project work. Perform forward thinking evaluation and research for new packages and releases.

Major Tasks, Responsibilities and Key Accountabilities

  • Anticipates hardware and software design needs. Reviews packages and products to determine viability as solutions and fit for other areas.

  • Reviews technical design and specifications for business and functional requirements fit.

  • Supervises team developing (coding), implementing and maintaining tools/applications. Ensures team members are trained and cross-trained in areas of expertise

  • Evaluates, researches and makes recommendations for upgrades, patches and new functionality.

  • Ensures root cause analysis, metrics, and control processes and employed for defect resolution.

  • Leads development activities for a business application.

  • Assigns and plans resources for projects and RTS.

  • Manages resource expenses and capitalized labor budget and actuals. Nature and Scope

  • Displays the highest level of critical thinking and analysis in bringing successful resolution to high impact, complex, and/or cross department problems. Makes prompt, sound decisions when faced with complex and often contradictory alternatives that result in successful outcomes.

  • Operates with considerable latitude. Situations may have little or no precedent requiring original or new concepts or approaches without guidance from others. Reaches decisions under conditions of uncertainty.

  • Develops or engages/directs others in developing innovative solutions to important, highly complex strategic and operating problems; cross department considerations are often present. Work Environment

  • Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

  • Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.

  • Typically requires overnight travel less than 10% of the time. Minimum Qualifications

  • Must be eighteen years of age

  • Must pass the Drug Test

  • Must pass the Background Check

  • Must pass pre-employment tests if applicable Education and Experience

  • Typically requires BS/BA in related discipline. Generally 8+ years of experience in related field; certification is required in some areas OR MS/MA and generally 5+ years of experience in related field. Certification is required in some areas.

Preferred Qualifications & Job Specific Details:

We are seeking an Application Security Engineer which will provide expert technical guidance and hands on validation of secure solutions during the design, development, and testing of systems supporting HD Supply products and services.The Application Security Engineer will be a member of the eCommerce Team and will be responsible for both Static and Dynamic code analysis, web application security and ongoing penetration testing. The position should be on the forefront of application security

PRIMARY RESPONSIBILITIES:

‪‪ Job Duties and Responsibilities:

  • ‪‪Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the SDLC.

  • ‪‪Perform hands on security testing of products and services to proactively discover risk and track them to resolution.

  • ‪‪Perform validation of security controls to insure adherence with compliance and industry best practices.

  • ‪‪Understand, balance and communicate business risk with security risk.

  • ‪‪High level of personal integrity, with the ability to professionally handle confidential matters, and reflect appropriate level of judgment as it pertains to security.

  • ‪‪Ability to understand business requirements and apply security without adversely affecting the desired functionality.

  • ‪‪Leading includes keeping better communication with other engineers, consultants and leadership in order to conduct other job duties in the above as a team.

  • Provides technical leadership function for assigned security projects including analysis and penetration testing of internally developed applications.

  • Leads the analysis, requirement development, design, documentation, implementation, and maintenance of complex application security solutions.

  • Communicates and contributes to security standards and policies.

  • Proactively collaborates with management in developing strategic direction, setting objectives, and setting realistic and challenging goals.

  • Interfaces with internal and external contributing organizations.

  • Acts as a technical advisor and subject matter expert to internal stakeholders and partners.

  • Maintains a superior knowledge of the security capabilities of modern development languages and application design paradigms.

  • Maintains a working knowledge of applicable application security standards involving critical infrastructure, including those relating to payment processing.

  • Understands technical issues and the implications to the business, and is able to communicate them to management and other business leaders.

  • Experience with architecting, designing, and hands-on development of security prevention & monitoring solutions for all levels of a large-scale Web / eCommerce technology stack.

  • Very strong understanding of potential client and server-side vulnerabilities, including monitoring and securing 3 rd party tools.

Stuff your great at:

  • 2+ years previous experience in information security

  • 3+ years experience working within software development required.

  • Bachelor degree in a computer science or technology-related field preferred.

  • Thorough understanding of the OWASP Top Ten and CWE/SANS Top 25 including the ability to advise on the cause of and remediation for application vulnerabilities.

  • Experience with securing host, database, and application solutions for multi-tier systems.

  • Experience with multiple development methodologies to include agile and RUPPS desired.

  • Experience with implementing and operating system, network, and host security technologies and assessment tools.Solid understanding of Antivirus software

  • Solid understanding of SOA, Web Services and web API’s

  • High level understanding of SSL/TLS protocols and ciphers.

  • Agile experience a must

Preferred Skills:

  • OSCP or CEH certifications highly desirable

  • Certifications such as CISSP, GIAC, GSSP-JAVA preferred.

  • At least 2 or more years of application centric security experience such as security focused code review, WAF configuration and tuning, application penetration testing or application security architecture

  • Active participation in the security community and/or contributor to open source security tools or projects.

PRID:

PRID105

Job ID 2016-20379

Business Unit Facilities Maintenance

Posted Date 12/8/2016

Functional Area Information Technology

Job Locations US - GA - Atlanta

Remote Position? No

Position Type Full-Time