Home
/
Software Engineering
/
Senior Engineer, Application Security, ELC Online
Senior Engineer, Application Security, ELC Online-May 2024
New York
May 1, 2025
ABOUT ELC BEAUTY
The Estée Lauder Companies Inc. is one of the world’s leading manufacturers and marketers of quality skin care, makeup, fragrance, and hair care products. The company’s products are sold in approximat
10,000+ employees
Consumer Goods & Services
VIEW COMPANY PROFILE >>
About Senior Engineer, Application Security, ELC Online

  Senior Engineer, Application Security, ELC Online

  WHO WE ARE

  Estée Lauder Companies Online (ELC Online) is the online division of the Estée Lauder Companies Inc. family of brands. We are a tech company, inside of a cosmetics company. We were early adopters of eCommerce in the 90s and have consistently set the industry standard for prestige beauty e-commerce. We support over 400 websites for household names like Estée Lauder, MAC, Clinique, Origins, Jo Malone and Bobbi Brown. We do so from our own in-house technology teams, supported by some great technology partners.

  With headquarters in the heart of Silicon Alley in Manhattan's Flatiron District and offices located around the world, United Kingdom, France, China and many more, we connect with our customers anytime, anywhere, from any device. We're committed to innovation, working with the best tools and technologies available to help our shoppers seamlessly navigate the digital world of beauty. ELC Online is a collaborative work environment that hums with the buzz of 80% female leadership. It's also home to bold technologists who are shaping the future of beauty.

  ROLE SUMMARY

  The Estée Lauder Companies Online platform powers our Online Commerce, Innovation and Omnichannel initiatives for a portfolio of over 400 sites. We are looking for a new member of our Threat Intelligence team, which is part of a larger security group responsible for the security and compliance at ELC Online. The focus of your role will be on application security in particular, and ensuring that possible threats to the e-commerce applications, the platform as a whole, or the infrastructure, are identified, analyzed and remediated in a timely manner.

  WHAT YOU NEED TO SUCCEED

  Have excellent problem-solving skills and be able to perform research and analysis of data and information associated with threat activities. Have a fundamental understanding of different operating systems and concepts related to information security and data privacy. Be language agnostic and agile to pick up new languages and skills and deliver new solutions to unexpected problems. Be willing to learn, follow the trends within the technology space and be able to help future proof solutions. Be able to dedicate time for self-investment through training, certifications, and research. Be open-minded and actively ask questions, listen, and respect other people's opinions. Be able to stay focused on the tasks, prioritize them, and control your time effectively. Be able to communicate effectively with different stakeholders. Be able to work closely with other teams and independently.

  WHAT YOU WILL BE DOING

  Supporting product and development teams in the area of application security, providing hands-on remediation guidance and direction. Verifying the validity of the pentesting reports, internal reports, and external reports related to security findings and potential issues. Analyzing the likelihood of emerging threats impacting the organization and identifying the weaknesses that could be potentially exploited. Delivering reports and recommendations to the business to enable the effectiveness of mitigation and remediation efforts. Analyzing current and planned third-party integrations from the perspective of the risk to security and privacy. Developing mitigation plans and designing technical solutions to address security weaknesses. Participating in and supporting application security reviews and code reviews. Monitoring and analyzing external and internal cyber threats to assess risk. Improving the security tooling, logging and alerting. Providing insights to influence threat mitigation strategies. Consolidating cyber threat intelligence feeds and sources. Analyzing system services and code, and discovering security exposures.

  Qualifications

  TECHNICAL REQUIREMENTS

  Relevant experience in e-commerce, SaaS or similar. Strong knowledge of secure design practices and common software vulnerabilities such as OWASP Top 10 and CWE Top 25. Experience in using DAST and SAST tools, including integrating those into CI/CD and linking them with the issue tracking systems. Experience with Web Application Firewalls and configuring those. Technical expertise in secure software development. Knowledge of common and emerging security threats. Experience in using SEIM systems. Knowledge of Elixir/Erlang and JavaScript is a plus.

  The anticipated base salary range for this position is $98,500 to $165,750. Exact salary depends on several factors such as experience, skills, education, and budget. Salary range may vary based on geographic location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results as well as participation in the share incentive plan.

  In addition, The Estée Lauder Companies offers a variety of benefits to eligible employees, including health insurance coverage, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education-related programs, paid holidays and vacation time, and many others. Many of these benefits are subsidized or fully paid for by the company.

  Job: Online / E-Commerce

  Primary Location: US-NY-New York

  Job Type: Standard

  Schedule: Full-time

  Shift: 1st (Day) Shift

  Job Number: 2315009

  We are an equal opportunity employer. Minorities, women, veterans, and individuals with disabilities are encouraged to apply. It is Company's policy not to discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances. The Company will endeavor to provide a reasonable accommodation consistent with the law to otherwise qualified employees and prospective employees with a disability and to employees and prospective employees with needs related to their religious observance or practices. Should you wish to apply for this position or any other position with the Company and you believe you require assistance to complete an application or participate in an interview, please contact [email protected].

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Sr. Equipment Electrical and Control Engineer
Company Description At Intuitive, we are united behind our mission: we believe that minimally invasive care is life-enhancing care. Through ingenuity and intelligent technology, we expand the potenti
PCBA Test Engineer - Guadalajara
About NetApp We're forward-thinking technology people with heart. We make our own rules, drive our own opportunities, and try to approach every challenge with fresh eyes. Of course, we can't do it al
Software Developer Co-op (Summer 2024)
Overview About Intuit, Inc. At Intuit, we get up every morning with our hearts beating fast, driven by the knowledge that we're transforming the world of consumer and small business finance. We're ob
Senior AWS DevOps Engineer - Remote
Senior AWS DevOps Engineer - Remote Position Description We are seeking a Senior AWS DevOps Engineer to join our CGI team in support of a long-standing large California client! • This position can be
Lead Experience Engineer- React
Description As a Lead Experience Engineer, you'll be working as part of an agile team with other passionate, driven, and talented people, creating innovative solutions for our clients. Your primary r
GCP Security Engineer (Guard Rails)
Description As a GCP security engineer, you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. You'll have the unique opportunity to
Sr. Python/AWS Data Engineer - Remote
Sr. Python/AWS Data Engineer - Remote Position Description Are you motivated by the opportunity to delight your clients by providing them with innovative solutions to sophisticated technical problems
Network Engineer
Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep their digital systems secure and reliable
Senior Software Engineer
We're excited to welcome a skilled Senior Frontend Web Engineer to join our dynamic team! As a part of the team, you will play a crucial role in developing and implementing our groundbreaking Web SDK
Full Stack Delivery Engineering Lead - Global Solution
Introduction: If you have a passion for delivering high-quality and consistent solutions for our global clients and want to work with the latest technology and platforms to create amazing experiences
ELC BEAUTY OTHERS JOBS
About
Terms and Conditions Privacy policy Cookie Settings Contact Us
Services
Login register
zdrecruit Project Management Advertising and Marketing Education Sales
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2025 - www.zdrecruit.com All Rights Reserved