Application Security Engineer

We are Subway Headquarters! A dedicated team of professionals supporting thousands of franchisees around the globe.

Region: Shelton, CT

Ready for a fresh, new career? Look no further because one of the world's most iconic brands can help you get there.

Why Join Us?

At Subway, "better" is baked into our DNA. We are a brand that believes in continued improvement ... in our lives, our businesses, and our planet. From the handshake that started our very first sandwich shop to earning our position as one of the world's leading restaurant brands, we've always embraced change and the path ahead. And today, we're making better living way easier.

Our purpose is about more than the food we serve in our restaurants. It's centered on fueling healthy businesses and healthier lives. It is one of the most exciting times to join the Subway team and contribute to our transformational journey.

About the Role:

We have an exciting opportunity to support our Information Security team as an Application Security Engineer based in Shelton, CT. The Application Security Engineer will serve as a primary contributor to our software development security culture and secure-by-design strategies. This position is critical to the security of Enterprise and Digital product teams and applications and will have first-hand exposure to the strategy of the company in key security initiatives. An ability to apply skills in threat modeling, threat and vulnerability analysis, DevOps security, data engineering, and penetration testing are key aspects to the role.

If you feel that this is the role for you, and you are successful with your application, be ready to be Bold, Empowered, Accountable, and ready to have Fun in a fast paced and agile working environment.

Responsibilities include but are not limited to:

• Work directly with Security Architecture and Cyber Security leadership on progressing secure-by-design principles throughout the development lifecycle.
• Work with the Business and Enterprise Architecture to ensure product designs are secure and acceptable.
• Provide guidance and empower Security Champions within various product development teams.
• Serve as the subject matter expert in Azure DevOps and HCP Terraform Cloud.
• Assess secure design and operational control practices in Azure and AWS cloud environments.
• Ensure that software product releases are secure, and their security defects are accurately assessed and remediated.
• Ensure the security of software development processes align with OWASP (SAMM and ASVS) and compliance frameworks such as the NIST CSF, SOC 2 and SOX.

Qualifications (some examples listed below):

• 5 years previous work experience (software development and engineering, cloud infrastructure engineering and operations, software vulnerability management and threat modeling, operational/response cybersecurity).
• Expertise in secure software development processes and practices.
• Expertise in version control and CI/CD in Azure DevOps systems.
• Expertise in threat modeling and vulnerability assessments.
• Expertise in dynamic and offensive security testing.
• Expertise in cloud services and infrastructure within Azure, AWS and HCP Terraform.
• Expertise in cloud policy and management within Azure, AWS and HCP Terraform.
• Understanding practicality of threats and their impact under various conditions.

What do we Offer?

• Insurance Plans (Medical/Life)
• 401K
• Competitive Bonus
• Mobility Allowance
• Tuition Reimbursement
• Company Holidays
• Volunteering time
• And Many More.....

Actual pay is determined based on a number of job-related factors including skills, education, training, credentials, qualifications, scope and complexity of role responsibilities, geographic location, performance, and working conditions.

The Company is only considering applicants who are currently authorized to work in the country the position is based. AA/EOE/D/V

• Shelton, CT 06484, USA