Principal, Cyber Security

It's fun to work in a company where people truly BELIEVE in what they're doing!

Ingram Micro is the business behind the world’s brands reaching nearly 90 percent of the world’s population. Our market reach, diverse solutions portfolio, and digital platform Ingram Micro Xvantage™ set us apart. We have approximately 27,000 associates committed to serving our more than 161,000 customers and 1,500 vendor partners worldwide. Learn more at www.ingrammicro.com.

Ingram Micro has earned Great Place to Work Certification™ for 2022-2023 in the United States! This prestigious recognition reflects our commitment to our people and our culture.

Come join our team where you’ll make technology happen in surprising ways. Let’s shape tomorrow - it’ll be a fun journey!

The role:

• Mentoring R&D and Junior security teams on Secure Coding practice 
• Focus on developing and maintaining home-grown applications to support and implement Secure by Design, Secure Coding, Pen Test and SSDLC Practices 
• Consult with development teams to implement sound SSDLC practices along with coding, data engineering and security services integration / automation following NIST SSDF, OWASP ASVS and BSIMM   
• Active participation in proof-of-concept implementations to test and assess off-the-shelf and home-grown technologies to address SSDLC, DevSecOps compliance with SOX, PCI, ISO27001      
• Work with R&D team members to manage the day-to-day development activities, participate in designs, design review, secure code review, and implementation of best coding practice 
• Maintaining current technical knowledge to support rapidly changing technology, look out for new technologies and work with the team in bringing in new technologies   

What you bring to the role:

• Four-year bachelor’s degree in bachelor’s degree in computer science, Information Security, or a related technical field. Master's degree or relevant certifications (OSCP/OSWE/eWPTX/ CSSLP, CEH or similar) preferred.
• 5+ of software development experience preferred in cyber security/AppSec.
• 5+ years of experience in application security or a related field, with demonstrably successful contributions to securing applications. 
• Strong coding skills in at least one of the following OO languages: Python, Java, C++, C#, .Net, Ruby, or any advanced web or mobile apps programming language.
• Scripting skills in Python, Bash, or similar languages for automation and analysis. 
• Hands-on experience in source code reviews for vulnerabilities and secure coding practice and understanding of SSDLC.
• Advanced understanding of security concepts and attack vectors, including web application security, API security, mobile security, and cloud security.  
• Proficiency in SAST and DAST security tools and technologies like vulnerability scanners, web application firewalls, fuzzing, penetration testing tools (e.g., Burp Suite).
• Experience with threat modeling and risk assessment methodologies tailored for mobile/web applications. 
• Ability to develop and implement security controls based on identified risks and vulnerabilities. 
• Proven track record of successfully securing web and/or mobile applications across various platforms (iOS, Android). 
• Solid understanding of secure coding practices for web/mobile development, including platform-specific security frameworks and libraries. 
• Experience in building and implementing security processes within an organization, specifically focusing on web/mobile application security integration within the SDLC. 

The typical base pay range for this role across the U.S. is USD $121,400.00 - $206,400.00 per year.

The ranges above reflect the potential annual base pay across the U.S. for all roles; the applicable base pay range will depend on the candidate’s primary work location, pay grade, and variable compensation plan. Individual base pay within each range depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time of hire. New hires starting base pay generally falls in the bottom half (between the minimum and midpoint) of a pay range.

At Ingram Micro certain roles are eligible for additional rewards, including merit increases, annual bonus or sales incentives and long-term incentives. These awards are allocated based on position level and individual performance. U.S.-based employees have access to healthcare benefits, paid time off, parental leave, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and wellbeing benefits, among others.

This is not a complete listing of the job duties.  It’s a representation of the things you will be doing, and you may not perform all these duties.

Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check.

Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not – and will not – tolerate these actions.

Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.