Associate Security Engineer

Fenton, MO, United States

Maritz

Elevating human potential through tailored solutions in automotive, meetings & events, channel partnerships, loyalty, employee rewards and sales incentives.


EXCITED TO GROW YOUR CAREER? WE’RE GLAD YOU’RE HERE!

Candidates must be local to the St. Louis area and able to work at our Fenton location on a hybrid schedule, coming into the office at least three days a week (T, W, and Th).

The Associate Security Engineer is responsible for ensuring the security of web applications, cloud environments, and development pipelines by implementing best practices and conducting security assessments. This role supports compliance efforts, including SOC 2 and PCI-DSS audits, and collaborates with development and DevOps teams to integrate security into the software lifecycle. The position requires strong technical expertise in application security, cloud security, and secure architecture design.

Primary Responsibilities

Audit Evidence Gathering & Compliance Support 30%: Participate in SOC 2, PCI-DSS, and internal audits by gathering and providing security-related evidence. Work closely with DevOps, engineering, and security teams to ensure security controls meet industry standards and regulatory requirements. Address audit findings by recommending and implementing security improvements. Maintain documentation to support ongoing compliance efforts.

Web Application Security 25%: Conduct security assessments of web applications to identify vulnerabilities and enforce secure coding practices. Work with developers to integrate security controls such as Content Security Policy (CSP), authentication mechanisms, and secure session management. Monitor applications for security threats, implement mitigations, and ensure adherence to OWASP Top 10 best practices, as well as internal remediation timeframes.

DevSecOps 20%: Integrate security into CI/CD pipelines via automation. Collaborate with DevOps team to harden infrastructure-as-code (IaC) deployments and enforce security policies for containerized environments. Review security configurations in source code repositories and ensure security best practices are followed across the software development lifecycle.

Cloud Security 15%: Enhance the security of various cloud environments (primarily GCP) by assisting with the implementation of best practices for identity and access management (IAM), logging, monitoring, encryption, network segmentation, etc.

Secure Architecture Review 10%: Evaluate and assess software components to identify potential security risks. Collaborate with engineering teams to design secure system architectures, ensuring adherence to zero-trust principles and best practices for cybersecurity. Provide security recommendations.

Qualifications

  • 1-2 years of experience in security engineering, or other relevant experience

  • Experience in security audits – Strong understanding of SOC 2, PCI-DSS, or other security frameworks, with experience gathering and providing evidence for audits

  • Expertise in web application security – Hands-on experience with application security testing, secure coding practices, and mitigation of common vulnerabilities (OWASP Top 10, CSP, authentication mechanisms, etc.)

  • Proficiency in DevSecOps – Knowledge of CI/CD security integration, dependency scanning, and secure infrastructure-as-code (Terraform, CloudFormation)

  • Cloud security knowledge – Familiarity with cloud-native security best practices, including IAM policies, logging, monitoring, and network segmentation. Familiar with a Cloud Security Posture Management tool

  • Strong understanding of secure architecture – Ability to assess software components for security risks and recommend security improvements

  • Effective Communication & Collaboration – Ability to work across teams, translating complex security concepts into actionable recommendations for developers, IT staff, and leadership.

Disclaimer

This job description is designed to indicate the general nature and level of work performed by associates within this classification. It is not designed to confirm or be interpreted as a comprehensive summary of all duties, responsibilities and qualifications required of associates assigned to this job.

Maritz offers a comprehensive benefits package for full-time employees including medical, dental, vision, life insurance, disability, 401k, tuition reimbursement, paid time off, and more! Part-time employees may qualify for medical, 401k, and paid time off depending on total hours worked. View all details at www.MaritzBenefits.com.

Maritz will only employ applicants who have authorization to work permanently in the U.S. This is not a position for which sponsorship will be provided. Those who need sponsorship for work authorization now or in the future are not eligible for hire. No calls or agencies please.

Maritz is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. If you have a disability and are having difficulty accessing or using this website to apply for a position, you can request help by calling 1-636-827-0335 or by sending an email to peopleanddevelopment@maritz.com.


Tags: Application security Audits Automation CI/CD Cloud Compliance CSPM DevOps DevSecOps Encryption GCP IAM Monitoring OWASP SDLC Security assessment SOC SOC 2 Terraform Vulnerabilities

Perks/benefits: Career development Health care Insurance

Region: North America
Country: United States
