The KION/Dematic Supply Chain Solutions (SCS) Global Software R&D Organization is responsible for delivering innovative software products to support a wide range of intralogistics, material handling, and management solutions. These products play a key role in powering the logistics operations of enterprises in a wide range of industries worldwide including eCommerce activities.
We are looking for a hands-on, dynamic, and enthusiastic application security engineer to help drive our application security efforts. This is an exciting opportunity to join our application security efforts related to the development of various projects in IoT, Intralogistics, Control, Cloud, and Edge systems that aim to transform the industry.
What we offer:
The application security engineer is an important member of the KION Supply Chain Solutions (SCS) Global Software R&D team. This role is hands-on application security that applies expertise in application security and knowledge of security best practices to the development of existing and future products. The application security engineer not only demonstrates the skills and knowledge of a seasoned hands-on security professional but also participates in efforts to enhance application security and development practices of product teams.
Tasks and Qualifications:
This is What You Will Do in This Role / Key Responsibilities:
- Apply coding and testing standards, apply security testing tools including SAST/DAST scanning tools, and conduct code reviews.
- Apply Secure Software Development Lifecycle (SSDLC) methodologies across the organization.
- Identify basic common coding flaws at a high level.
- Perform penetration testing and integrated quality assurance testing for security functionality and resiliency attack as required for new or updated applications.
- Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
- Direct the remediation of security findings and vulnerability prioritization, with development teams, encountered during testing and implementation of new systems or changes to existing systems.
- Capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.

What We are Looking For / Qualifications:
- 5+ years of SAST/DAST scanning experience or 4+ years of penetration testing experience or 5 years of application security experience.
- Experience with security tools such as Qualys, Nessus, SonarQube, Veracode, Burp Suite, Nexpose, Snort, or Metasploit
- Strong knowledge of security architecture, system, and network security
- Strong experience and in-depth knowledge of security standards and best practices (OWASP, SANS 25, etc.) as they relate to cloud, web, and mobile applications
- Experience in analyzing security of Java applications or cloud-based applications.
- Ability to read and write one or more common programming languages such as Java, JavaScript, C/C++, Python, including 2+ years of hands-on programming or scriptwriting, including 2+ years of working with cloud applications
- Strong knowledge of Linux and Windows OS

Preferred:
- CISSP
- BS in Comp Science