Share this Job

Sr. Engineer, Application Security

Location: 

Parsippany, NJ, US

Property Name:  Parsippany - 22 Sylvan Way
Req Id:  21496

Wyndham Hotels & Resorts is now seeking a Sr. Engineer, Application Security to join our team.

Why Wyndham?

By joining Wyndham Hotels & Resorts, you will play an integral role in our mission to make hotel travel possible for all. You’ll be part of the largest hotel franchise company in the world, where we strive to deliver the best value to our owners and guests. Most importantly, you’ll be entrusted to live our unique Count on Me culture, set by our core values of integrity, accountability, inclusive, caring and fun. At Wyndham, we provide all team members the opportunity to grow through best-in-class training and career development, leadership training, mentorship opportunities and educational support.  Supporting our team members is a top priority, which is why we offer competitive compensation and benefits, vacation, team member appreciation days, workplace flexibility and much more.  At Wyndham Hotels & Resorts, we value and embrace a culture of diversity, equity and inclusion that supports team members of all backgrounds and experiences. We can’t wait to welcome you!

The Role

Wyndham Hotels & Resorts is looking for a Sr. Engineer, Application Security to join the Wyndham Information Security team and help deliver our application security program. This is an exciting opportunity to be in a key role that helps deliver the design, build, and run of the application security technologies and capabilities to secure Wyndham’s web and mobile applications.

As a member of the Cybersecurity Team, this role is a key participant in executing the application security program’s architecture, framework, and provide crucial guidance to development teams. This role will work directly with various business applications teams in the design, delivery, and security of our web and mobile products. This position will interact with various levels of technical and business personnel to provide security analysis and recommendations while remaining sensitive to business requirements across our applications.

The position will support various internal initiatives related to application development and secure coding practices, application vulnerability detection and remediation, and the overall SDLC lifecycle.  This position will also keep up-to-date on emerging application security techniques, technologies, architectures, as well as industry related threats.

This role will be expected to perform several tasks in the pursuit of timely and secure code deployments, this includes manual web testing, code audits and design reviews, find and resolve security vulnerabilities on a variety of platforms, complete manual focused web application vulnerability assessments.

To help improve our security posture, this role will also be asked to help consult on the design of secure web application architecture and secure design principles, advocate security and secure coding practices, perform secure code trainings with groups of developers, analyze, assess and respond to various security threats, and seek out opportunities to automate processes wherever relevant.

This role will also help manage the day-to-day operations of our security technologies, including web application firewalls, bot management defenses, and code scanning solutions. This includes keeping tools, detections, and protection methods up to date and relevant against the current attack methods.  Open to remote work options, with monthly/quarterly in-person team meetings in the Parsippany Office. 

What you'll do

  • Provide guidance on tools and methods to protect the Wyndham websites against manual and automated attacks.    
  • Provide support on larger cybersecurity and business-based projects & initiatives.    
  • Work effectively with business technology, audit, and fraud teams to solve business problems with technical solutions.    
  • Represents applications security & cybersecurity in meetings and projects discussions. 
  • Devise methods to automate testing activities and streamline testing processes.
  • Provide oral briefings to leadership and technical staff, as necessary.
  • Improve and document operational and troubleshooting procedures.

You'll be successful if you have

  • Application security reviews for our services and applications.
  • Penetration testing for critical services and applications.
  • Security code reviews for critical changes during the development phase.
  • Security training and outreach to internal development teams.
  • Security best practices documentation.
  • Perform detailed application security reviews to examine legacy and new applications, provide technical risk assessments, security gap assessments, and approve new releases.    
  • Provide support and guidance when necessary for the resolution of identified vulnerabilities/issues in collaboration with business application development teams.    
  • Operate and enhance application security related technologies, including web application firewalls, bot management defenses, and code security solutions.    

Preferred Experience/Qualifications

  • 3+ years of related offense/defense application security experience, specifically related to application security and development.
  • Knowledge of software development/deployment methodologies in web & mobile based environments.
  • Experience in a variety of programming/scripting languages (Nodejs/Javascript, Java, & Python, etc.)
  • Advanced knowledge and proven expertise in securing AWS cloud infrastructure environments, including API’s and serverless applications.
  • Knowledge of application and API security vulnerabilities (including and beyond OWASP Top Ten) and remediation techniques without impacting performance.
  • Experience with source code reviews, ethical hacking and penetration testing methods, tools and techniques, including SAST, DAST, IAST, SCA, IAC, solutions.
  • Experience with Web Application Firewalls and Automated Bot Management solutions.
  • Solid understanding of agile, DevSecOps pipelines, and CI/CD integration.
  • Experience implementing and administering complex technical security solutions.
  • Knowledge of threat intelligence sources and the part it plays on application security.

COMPANY OVERVIEW:

 

Wyndham Hotels & Resorts is the world’s largest hotel franchising company by the number of properties with approximately 9,000 hotels across over 95 countries on six continents. Through its network of more than 813,000 rooms appealing to the everyday traveler, Wyndham commands a leading presence in the economy and midscale segments of the lodging industry. The Company operates a portfolio of 22 hotel brands, including Super 8®, Days Inn®, Ramada®, Microtel®, La Quinta®, Baymont®, Wingate®, AmericInn®, Hawthorn Suites®, Trademark Collection® and Wyndham®. Headquartered in Parsippany, N.J. with offices around the globe in London, Shanghai, Buenos Aires, Dubai and more, Wyndham Hotels & Resorts employs more than 4,000 team members worldwide who are dedicated to the Company’s mission of making hotel travel possible for all.
 
Wyndham Hotels & Resorts is an Equal Employment Opportunity Employer.
 


Employment Status: Full-time

For candidates in Colorado, click here for information related to Colorado's Equal Pay for Equal Work Act.

What we expect from you:

You will play an important part in our mission to make hotel travel possible for all by:

Being responsive, respectful and delivering great experiences to our guests, partners and communities.

Foster an inclusive environment where individuals feel empowered to bring their authentic selves to work and share their diverse perspectives.

Bring your best every day and strive to exceed expectations in all you do.

What you can expect from us:

With Wyndham Hotels & Resorts, you can expect a fulfilling career to include:

Growth opportunities through best-in-class training and career development, leadership training, mentorship opportunities and educational support.

Competitive salary and benefits, flexible work arrangements and exclusive team member discounts.  

Team member benefit programs that focus on nutrition, exercise, lifestyle management, physical and emotional wellness, financial health, and the quality of the environment in which all team members work and live.

A Company culture of diversity, equity and inclusion. Our culture infuses different perspectives that reflect our diverse guests and communities around the world.

About Wyndham Hotels & Resorts:

Wyndham Hotels & Resorts is the champion of the everyday traveler. Every day, we work to make hotel travel possible for all. With more hotels than anyone else across the globe, we offer the largest and widest collection of hotel experiences in the world. So wherever and however people travel, Wyndham will be there to welcome them.