Analyst, Application Security Engineer
Warsaw POL - Prosta St, Poland
Stanley Black & Decker
Headquartered in the USA, Stanley Black & Decker is the world’s largest tool company with 50 American manufacturing facilities and more than 100 worldwide.
SDLC Analyst, Cyber Security Office
Make A Difference For Those Who Make The World™
It takes great people to achieve greatness. People with a sense of purpose and integrity. People with a relentless pursuit of excellence. People who care about making things better For Those Who Make The World™. Sound like you? Join our top-notch team of nearly 60,000 professionals globally who are making their mark on some of the world’s most beloved brands, including DEWALT®, CRAFTSMAN®, CUB CADET®, STANLEY® and BLACK+DECKER®.
What You’ll Do
As a highly skilled and experienced Application Security engineer, you will play a critical role in ensuring the security of a variety of SBD applications. You will be responsible for identifying and mitigating security vulnerabilities, implementing security best practices and working closely with development teams to integrate security into the Software Development Lifecycle. Your expertise in Application Security Testing (AST) tools, penetration testing, and vulnerability management will be essential in safeguarding our applications.
Key Responsibilities:
You’ll get to:
- Conduct security assessments and penetration testing of web and mobile applications using tools such as Burp Suite.
- Identify, analyze, and prioritize security vulnerabilities in applications and provide actionable recommendations for remediation.
- Collaborate with development teams to integrate security best practices into the Software Development Lifecycle.
- Utilize Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Software Composition Analysis (SCA) tools to automate security testing and improve the efficiency of vulnerability detection.
- Manage the vulnerability lifecycle, including identification, assessment/verification, mitigation assistance and remediation status tracking.
- Work with cross-functional teams to ensure timely and effective remediation of identified vulnerabilities.
- Stay up-to-date with the latest security threats, trends, and technologies, and proactively apply this knowledge to enhance our security measures.
- Develop and maintain security documentation, including security policies, standards, procedures, best practices/recommendations and guidelines.
- Educate and train development teams on secure coding practices and securing against the OWASP Top 10 vulnerabilities.
- Participate in incident response activities and exercises which would include: assisting in the initial investigation, pre and post mortem reporting, resolution of security incidents as well as assisting in documenting lessons learned to enhance security procedures for the future.
Who You Are
You always strive to do a good job… but wouldn’t it be great if you could do your job and do a world of good? You care about quality – at every level. You love to learn and grow and be acknowledged for your valuable contributions. You’re not intimidated by innovation. In fact, you embrace it.
You also have:
- Bachelor’s degree and 4+ years of experience in Computer Science, Information Technology, or a related field
- Proven experience in application security, with a strong understanding of the NIST Cybersecurity Framework, OWASP SAMM, OWASP ASVS security requirements and the OWASP Top 10 vulnerabilities and their remediation.
- Proficiency in using Application Security Testing tools: SAST, DAST, IAST, and SCA.
- Hands-on experience with penetration testing tools and creating meaningful reports to present to internal stakeholders of varying technical backgrounds.
- Strong knowledge of vulnerability management processes, the stages of the secure development lifecycle process, common attack types and remediation techniques.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders through both executive-level summary reports and detailed technical reports
- Relevant certifications such as CSSLP, CISSP, CISM, CEH, or OSCP are a plus.
What You’ll Receive
You’ll receive a competitive salary and a great benefits plan:
- Medical, dental, life, vision, wellness program, disability, 401(k), Employee Stock Purchase Plan, paid time off and tuition reimbursement.
- Flexible work arrangements and a focus on work-life balance.
- Discounts on Stanley Black & Decker tools and other partner programs.
How You’ll Feel
We want our company to be a place you’ll want to be – and stay. Being part of our team means you’ll get to:
- Grow: Be part of our global company with 20+ brands to grow and develop your skills along multiple career paths.
- Learn: Have access to a wealth of learning resources, including our Lean Academy, Coursera® and online university.
- Belong: Experience an awesome place to work, where we have mutual respect and a great appreciation for each other.
- Give Back: Help us continue to make positive changes locally and globally through volunteerism, giving back and sustainable business practices.
All qualified applicants to Stanley Black & Decker are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran’s status or any other protected characteristic.
We Don’t Just Build The World, We Build Innovative Technology Too.
Joining the Stanley Black & Decker team means working in an innovative, tech-driven and highly collaborative team environment supported by over 58,000 professionals in 60 countries across the globe. Here, you’ll get the unique chance to impact some of the world’s most iconic brands including STANLEY TOOLS, DEWALT, CRAFTSMAN, MAC TOOLS and Black + Decker. Your ideas and solutions have the potential to reach millions of customers as we work together to write the next chapter in our history. Come build with us and take your career to new heights.
Who We Are
We’re the World’s largest tool company. We’re industry visionaries. We’re solving problems and advancing the manufacturing trade through innovative technology and our Industry 4.0 Initiative. We are committed to ensuring our state-of-the-art “smart factory” products and services provide greater quality to our customers & greater environmental and social value to our planet. We are unique in that we have a rich and storied history dating back to 1843, but that hasn’t stopped us from evolving into a vibrant, diverse, global growth company.
Global Benefits & Perks
You’ll be rewarded with a competitive salary plus receive entitlements and benefits unique to your country of hire.
What You’ll Also Get
Career Opportunity: Career paths aren’t linear here. Being part of our global company with 60+ brands gives you the chance to grow and develop your skills along multiple career paths.
Learning & Development:
Our lifelong learning philosophy means you’ll have access to a wealth of state-of-the-art learning resources, including our Lean Academy and online university (where you can get certificates and specializations from renowned colleges and universities).
Diverse & Inclusive Culture:
We pride ourselves on being an awesome place to work. We respect and embrace differences because that’s how the best work gets done. You’ll find we like to have fun here, too.
Purpose-Driven Company:
You’ll help us continue to make positive changes in the local communities where we work and live as well as in the broader world through volunteerism, giving back and sustainable business practices.
Tags: Application security Burp Suite CEH CISM CISSP Computer Science CSSLP DAST IAST Incident response NIST OSCP OWASP Pentesting SAMM SAST SDLC Security assessment Vulnerabilities Vulnerability management
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Wellness