Perform security-focused code and design reviews of software applications (Web cloud services & lambdas, APIs, site URLs, mobile apps). Assist in the development of security processes (e.g. Secure Software Development Life-cycle practices) and automated tooling for CI/CD pipelines to capture classes of security issues. Assist teams in reproducing, triaging and addressing application security vulnerabilities. Assist in development of security processes and automated tooling that prevent classes of security issues. Act as a trusted automation and tooling advisor for DevSecOps initiatives by providing objective, practical and relevant ideas, insights and advice. Collaborate with engineers, consultants and architects to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC). Build security guidelines for teams and integrate platforms, including container, vulnerability management tools within continuous integration and continuous delivery/continuous deployment (CI/CD) pipelines. Assist security architects with creating patterns of automation, infrastructure deployment, maintenance, monitoring, security and compliance using industry and enterprise best practices. Perform validation of security controls to ensure consistency with compliance and industry standard methodologies. Work together with engineers to mitigate security vulnerabilities identified by our security tools and external reported vulnerabilities. Define security guardrails through automated tool policies, SLAs (Service Level Agreements), custom rules, and support the developers. Understand, balance and communicate business risk with security risk. Respond to threats, through diagnosis, communication, and remediation. Prevent successful attacks by hardening Whirlpool’s defenses. Work on security global projects to enhance Whirlpool’s defense, monitoring and response capabilities. May work remotely from anywhere in minimum of one-week increments for a total of two weeks per year.
REQUIREMENTS: Bachelor’s degree (or foreign equivalent) in Computer Science, Computer Information Systems, Information Security, Information Technology, or related field plus 1 year of experience in the offered position or closely related occupation.
JOB LOCATION: 2000 N M-63, Benton Harbor, MI 49022
