Sr. Information Security Engineer

Why WWT?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, World Wide Technology (WWT) is a global technology solutions provider leading the AI and Digital Revolution. With more than $20 billion in annual revenue, WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for large public and private organizations. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

With over 10,000 employees and more than 55 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 13 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all. With this culture at its foundation, WWT bridges the gap between business and technology to make a new world happen for its customers, partners and communities.

Want to work with highly motivated individuals on high-performance teams? Join WWT today!

Information Security Engineer

The WWT Information Security (InfoSec) team is currently searching for an Information Security Engineer with a focus on application and container security to join the Security Operations Team. As a member of the team, you will lead efforts to secure the organization’s application ecosystem, driving strategic initiatives to protect against sophisticated cyber threats. You will be responsible for implementing and maintaining the tools and capabilities used to ensure secure configuration of the DEVOPS environment from code to cloud. You will also assist in identifying and investigating data loss events, insider threat events, collaborating with the Security Operations Center, Legal, Compliance, and Corporate Security teams to mitigate threats, and engaging with senior team members to perform response actions. You will also mentor junior team members and serve as a key advisor to leadership on application security risks and solutions.

Requirements and Skills:

• Bachelor’s Degree (or equivalent) in Computer Science, Information Technology, Cyber Security, related field or equivalent work experience required
• Minimum of 8 years of experience in roles related to AppSec/SSDLC/CI/CD/SECDEVOPS.
• Information Security Certification preferred (CISSP) and SANS GWAPT SEC542 or OSCP or equivalent relevant Application Security certification preferred
• Deep knowledge of CI/CD pipelines, DevSecOps practices, and infrastructure-as-code
• Extensive experience securing cloud-native applications (e.g., AWS, Azure, GCP) and containerized environments (e.g., Docker, Kubernetes, Openshift)
• Significant knowledge and experience securing applications.
• Advanced experience with security testing tools and penetration testing frameworks
• Experience securing Openshift Container Platform highly desired
• Knowledge of SSDLC and interacting with app dev teams for implementation
• Experience with scripting, bash, python, or PowerShell highly desired
• Knowledge of general attack stages, attacker Techniques, Tactics, and Procedures (TTPs), and defense models. MITRE ATT&CK, OWASP ASVA, OWASP Top 10, ISO/IEC 27034, NIST SP 800-53.
• Experience with application security control design and configuration in cloud and container environments.
• Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance related concepts to a technical and non-technical audience.
• Proven leadership and project management skills, with experience guiding cross-functional teams.
• Strategic thinking with a proactive approach to problem-solving and risk management.
• Self-starter, team player, and enthusiasm for learning
  
  

,

Key Responsibilities (includes but is not limited to):

Strategic Oversight:

• Design and implement a comprehensive application security strategy aligned with organizational goals and industry standards (e.g., OWASP ASVS, NIST 800-53).
• Lead the evaluation and adoption of cutting-edge security tools and methodologies to address emerging threats (e.g., AI-driven attacks, supply chain vulnerabilities).

Technical Leadership:

• Be a technical subject matter expert (SME) responsible for organization wide application security, SSDLC, container security, secure CI/CD, cloud security
• Conduct advanced security assessments, including threat modeling, source code audits, and red-team exercises, to identify and mitigate complex vulnerabilities.
• Architect secure-by-design frameworks for application development, ensuring scalability and resilience across cloud, on-premises, and hybrid environments.
• Oversee the integration of security tools (e.g., SAST, DAST, IAST) into CI/CD pipelines, optimizing for efficiency and coverage.
• Facilitate the creation of compliance automation and policy-as-code to streamline cloud governance in partnership with technology and application owners.
• Drive the adoption of advanced security technologies (e.g., runtime application self-protection [RASP], software composition analysis [SCA]) to harden applications against zero-day exploits and supply chain.
• Lead the design and deployment of automated security controls within CI/CD pipelines, leveraging tools like GitLab Security, Jenkins, or GitHub Actions to enforce secure-by-default practices.
• Architect and maintain a secure application framework, defining standards for encryption, authentication (e.g., OAuth 2.0, SAML), and API security across microservices and monolithic systems.
• Collaboration and Mentorship:
• Partner with engineering, DevOps, and product teams to embed security into all phases of the SDLC, advocating for a DevSecOps culture.
• Collaborate with technology and application owners to establish and agree upon secure build standards.
• Mentor and train junior security engineers and developers on secure coding practices, threat modeling, and vulnerability remediation.
• Incident Management:
• Support incident response efforts for application-related security incidents, coordinating with cross-functional teams to contain, analyze, and resolve incidents.
• Develop post-incident reports and recommend long-term preventive measures to senior leadership.
• Compliance and Governance:
• Ensure applications comply with regulatory requirements (e.g., CMMC, GDPR, SOC, PCI-DSS) and prepare for audits by maintaining robust documentation.
• Establish and enforce application security policies, standards, and KPIs to measure program effectiveness.
• Research and Innovation:
• Stay ahead of evolving threats by researching new attack vectors (e.g., zero-day exploits, API vulnerabilities) and proactively updating security controls.
• Represent the organization in industry forums, contributing to thought leadership on application security trends.
  

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program
  
  

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

Equal Opportunity Employer

Preferred locations: MO, KS, FL, TX, and Potentially others