Our vision is to transform how the world uses information to enrich life for all.

Micron Technology is a world leader in innovating memory and storage solutions that accelerate the transformation of information into intelligence, inspiring the world to learn, communicate and advance faster than ever.

JR44563 Application Security Engineer

Application Security Engineer

Job Description

For more than 45 years, Micron’s teams of innovators and scientists have redefined innovation—designing and building some of the world’s most sophisticated memory and semiconductor technologies. Securing software development plays a meaningful role within Global Security in protecting our intellectual property.

Micron’s IT team is a distributed team who are passionate about enabling company success by delivering high business value solutions. Within IT, we build security capabilities as well as educates and guides global teams to secure development in all types of workloads and environments both on premise and in our public and private clouds in a scalable way for our worldwide enterprise.

Key Responsibilities

Technical Leadership

We serve as a mentors and authorities in the application security domain by leading efforts to further define and improve our application security strategy and secure SDLC processes. We provide industry standard methodology for secure coding practices, threat modeling, and other aspects of application and platform security. Mentoring and guiding security champions embedded throughout the development teams is a core focus for the team, and we take that trust very seriously. We also act as a voice for the development community into Global Security to help ensure that the potential impact of changes is well understood.

Engineering Solutions

We are engineers and as such we build things. Some examples of this are bringing automation of security tools in CICD pipelines, building reference solutions that apply security tools correctly, and developing proof-of-concept exploit code to gauge our exposure of confirmed vulnerabilities. We provide measured and prescriptive guidance by prioritizing security issues relative to identified vulnerabilities, risk, and business objectives.

Continued Education

Application security is an ever-evolving field, so we need to maintain the team both technically and intellectually. We accomplish this through maintaining awareness of emerging domain appropriate application vulnerabilities, maintaining proficiency in emerging development practices and platforms, and maintaining expertise, certifications, and credentials through training, conferences, and professional organization membership.

Skills and Proficiencies:

• Strong interpersonal skills and experience collaborating with developers and leadership to promote secure SDLC
• Proven foundations in software engineering in multiple languages and frameworks
• Experience with SAST, DAST, SCA, and related application security tools
• Comfortable switching contexts between red, blue, and development perspectives
• Strong sense of personal accountability and dedication to team success
• Deep understanding of OWASP Top 10 and CWE 25; with experience in implementing and integrating remediation strategies
• High-Level Knowledge of security concepts in the various security domains including, but not limited to, authentication, authorization, testing, and cryptography
• Strong problem solving and analytical skills with a proven record of resolving system-level issues

Differentiators

• Cloud and containerized development and deployment
• Application architecture and software design principles with the ability to perform application security design reviews
• Experience with open-source software and licensing concerns
• Excellent ability to coordinate multiple efforts and see solutions to their conclusion
• Ability to be self-directed and a fast learner with flexibility to support new technologies and legacy applications
• Ability to react to fast paced and dynamic environments

Education and Experience:

• Bachelor’s Degree or equivalent experience in Computer Science or related course of study
• Must have 2+ years of experience in application security or related field

About Micron Technology, Inc.

We are an industry leader in innovative memory and storage solutions transforming how the world uses information to enrich life for all. With a relentless focus on our customers, technology leadership, and manufacturing and operational excellence, Micron delivers a rich portfolio of high-performance DRAM, NAND, and NOR memory and storage products through our Micron® and Crucial® brands. Every day, the innovations that our people create fuel the data economy, enabling advances in artificial intelligence and 5G applications that unleash opportunities — from the data center to the intelligent edge and across the client and mobile user experience.

To learn more, please visit micron.com/careers

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

To request assistance with the application process and/or for reasonable accommodations, please contact [email protected]

Micron Prohibits the use of child labor and complies with all applicable laws, rules, regulations, and other international and industry labor standards.

Micron does not charge candidates any recruitment fees or unlawfully collect any other payment from candidates as consideration for their employment with Micron.