Principal Application Security Engineer

Application Security

New York, New York, US

May 20, 2026

Full Time

Apply Now

Job Description

Company: iHerb Inc.

Location: New York, US

Are you passionate about securing global-scale ecommerce services and applications that power millions of customers across over a hundred countries around the globe? We are looking for a hands‑on Principal Application Security Engineer to lead our Secure Development Lifecycle assurance processes, our security automation technologies, drive the security hardening strategy across our product and respond to current and emerging security threats. This role can be fully remote and must reside in US.

In this role, you will help us drive our Product Security strategy working with development teams globally to define new security capabilities, grow the team by hiring the best talent, and partner with senior leaders across the organization to deliver company‑wide security initiatives. Responsibilities

Lead cross-functional projects and establish cutting-edge security development lifecycle practices

Directed security design reviews and threat modeling for new and existing services at iHerb

Evaluate, prototype, implement, and operate security-focused tools and services

Create new secure architecture standards, frameworks and patterns spanning multiple layers

Discover and analyze emerging security threats, determining applicability to iHerb and proactively implement centralized mitigations

Evaluate, prototype, implement, and operate security tools and services (DAST, SAST, SCA…)

Maintain a strong knowledge of current security threats and operational best practices

Drive our security assessment, penetration testing and bug bounty programs

Participate in security incident response Qualifications

Demonstrated technical foundation (Computer Science / Engineering degree or equivalent experience) with an innate ability to translate technical vulnerabilities into organizational risks

8+ years of technical security leadership at a top-tier software company including experience with security products, threat modeling, security design, security architecture, cryptography, mobile se

Source: BeBee

Principal Application Security Engineer

Job Description

Related Jobs

Facility Security Specialist – Orlando, FL

Lead Engineer, Network Security Platform

Product Marketing Manager job at Tenable Network Security in Columbia, MD, Boston, MA

AI Security Tester

Cybersecurity Job Board

Our Policy

Contact Us

Login to Cybersecurity Job Board

Reset Password

Create a free Cybersecurity Job Board account

Principal Application Security Engineer

Job Description

Share this post

Related Jobs

Facility Security Specialist – Orlando, FL

Lead Engineer, Network Security Platform

Product Marketing Manager job at Tenable Network Security in Columbia, MD, Boston, MA

AI Security Tester

Cybersecurity Job Board

Our Policy

Contact Us