The Associate Manager - IT Cloud and Application Security will be a critical function responsible for helping to evangelize the Application Security program at Kraft Heinz by fostering a collaborative and educational working relationship between the application security and the business / development teams. We are looking for individuals who are willing to own their space and collaborate deeply within not only the security team, but also the application development teams, with the expectation of owning, maintaining and executing application scanning platforms, working with application developers to report on and fix existing code vulnerabilities, while building development playbooks, standards and best practices in order to eliminate the introduction of new code vulnerabilities.
Primary Responsibilities:
• Evangelize the Application Security Program and work directly with application developers to develop and maintain 'Secure by Design' coding practices for application developers
• Develop security controls and drive "shift left" security initiatives, embedding security best practices seamlessly into the software development lifecycle to proactively identify and mitigate risks.
• Collaborate with development teams to integrate secure coding practices, security automation, and pipeline security into CI/CD workflows.
• Assist in product development efforts, including Security Code Reviews, Dynamic assessments and application assessments to ensure compliance with Secure by Design principles and the implementation of appropriate security controls.
• Work closely with product teams to provide guidance and education to developers on available security controls and their appropriate use to improve adoption and reduce security vulnerabilities.
• Take ownership and accountability for managing security platforms. Conduct required maintenance activities, manage configurations to adhere to security standards, and perform operational tasks required for security reviews.
• Prepare and present detailed security reports with risk analysis and remediation strategies, effectively communicating to both technical and non-technical stakeholders. Triage vulnerabilities from dynamic and static scanning tools with development teams
• Perform manual security assessments against applications including but not limited to web applications, mobile and thick client applications.
• Support the automation of security testing and reporting, manage security tooling, and secure our cloud environments.
• Contribute to the continuous improvement of the application security program, ensuring alignment with evolving security landscapes and business needs.
Qualifications:
• Bachelor's degree and 3+ years of relevant application security experience
• Experience working with software development teams, providing security oversight in complex application ecosystems.
• Experience in deploying and managing application security tools and related resources such as:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- API Security
- Application Security Posture Management (ASPM)
- Azure Devops
- Github
• Expertise in application secure design and code reviews, with an understanding of Secure Coding standards and exploiting common vulnerabilities (e.g., OWASP Top 10, CWEs).
• Proficient with common developer tools and processes such as GitHub, Azure DevOps, CI/CD, containers and orchestration, IaaS/PaaS, APIs, WebSockets, Databases, Front-End and Back-End systems
• Proficient in one or more high-level programming languages (e.g. Python, PowerShell, JS, etc.). Experience in one or more application development languages (e.g. C#, Java, Go, etc.)
Location(s)
Mexico City - Antara Tower A - 5th Floor - Local Office
Kraft Heinz is an Equal Opportunity Employer - Underrepresented Ethnic Minority Groups/Women/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity and other protected classes.
Top Skills
What the Team is Saying
What We Do
Kraft Heinz is a global food company with a delicious heritage.
With iconic and emerging food and beverage brands around the world, we deliver the best taste, fun and quality to every table we touch.
We’re on a mission to disrupt not only our own business, but the global food industry. A consumer obsession and unexpected partnerships fuel our progress as we drive innovation across every part of our company.
Around the world, our people are connected by a culture of ownership, agility and endless curiosity. We also believe in being good humans, who are working to improve our company, communities, and planet.
We’re proud of where we’ve been – and even more thrilled about where we’re headed – as we nourish the world and lead the future of food.
Why Work With Us
We believe that great people make great companies, and we’re growing something great here at Kraft Heinz.
Operating in over 20 global markets, across 9 functions, no matter your career goals, we have a seat at the table for you.
Gallery
Kraft Heinz Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We also believe providing a more flexible and agile model is essential in today’s workplace. A majority of our office-based employees will be able to work remotely for up to two days each week.
