Luminator is seeking to fill our full-time Application Cyber Security Engineer role to join our growing and dynamic IT team where you will be an integral part of the team by providing valuable input as we work toward assessing and implementing goals and mission of the department and Luminator.

Luminator Technology Group is a global leader in technology solutions that increase intelligence, safety, and efficiency for public transit operations. Delivering a universal portfolio of hardware and software solutions through well-known and well-established regional organizations, Luminator is a global company with a small-enterprise approach and commitment to customer success, serving customers in more than 85 countries, and employing nearly 1,000 people worldwide.

The Application Security Cyber Engineer is responsible for enhancing the security of software applications by implementing secure coding practices, conducting security testing, and collaborating with development teams to ensure security is integrated throughout the development process.

Why Work at Luminator?

Luminator possess great company culture! We offer a competitive total compensation package, including annual incentives. We offer a generous time off plan, plus 8 paid company holidays, and 2 floating holidays. Luminator offers a wide range of benefits, including healthcare, dental, vision, and 401k options as well as granting all time off on your first day! In this role, you'll be part of a team that is building an inclusive and diverse culture of excellence! This role will be integral in setting the tone and culture at Luminator.

Essential Functions:

• Programming Languages: Proficiency in programming languages such as Python, Java, C/C++, or others commonly used in web development is essential for understanding application code, identifying vulnerabilities, and implementing secure coding practices.

• Web Application Frameworks: Familiarity with popular web application frameworks (e.g., Django, Ruby on Rails, Spring) and their security features is necessary for developing, securing, and testing web applications effectively.

• Secure Coding Practices: In-depth knowledge of secure coding principles, OWASP Top 10 vulnerabilities, and common attack vectors is crucial for writing secure and resilient code, as well as preventing common security flaws such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).

• Static Application Security Testing (SAST): Experience with SAST tools and techniques for analyzing source code, identifying security vulnerabilities, and providing actionable remediation guidance to developers during the software development lifecycle.

• Dynamic Application Security Testing (DAST): Proficiency in DAST tools for performing black-box testing of web applications in a runtime environment, identifying security weaknesses, and validating vulnerabilities through simulated attacks.

• Security Headers and Configuration: Understanding of HTTP security headers (e.g., Content Security Policy, X-Content-Type-Options, HTTP Strict Transport Security) and server configurations to enhance the security posture of web applications and mitigate common security risks.

• Authentication and Authorization: Knowledge of authentication mechanisms (e.g., OAuth, OpenID Connect) and authorization frameworks (e.g., Role-Based Access Control, Attribute-Based Access Control) for implementing secure authentication and authorization mechanisms in web applications.

• Encryption and Data Protection: Familiarity with cryptographic algorithms, SSL/TLS protocols, and secure storage mechanisms for protecting sensitive data at rest and in transit, as well as ensuring compliance with data protection regulations.

• Secure Development Lifecycle (SDLC): Understanding of SDLC methodologies (e.g., Agile, DevOps) and integration of security practices into the software development process, including threat modeling, security code reviews, and security testing at each phase.

• API Security: Experience in securing APIs (e.g., RESTful APIs, GraphQL) through authentication, authorization, input validation, rate limiting, and other security controls to prevent attacks such as API abuse, injection, and tampering.

• Container Security: Knowledge of containerization technologies (e.g., Docker, Kubernetes) and best practices for securing containerized applications, including image scanning, runtime protection, and access control.

• Vulnerability Management: Proficiency in managing and prioritizing software vulnerabilities using vulnerability assessment tools, bug tracking systems, and risk assessment methodologies to ensure timely remediation and mitigation of security risks in applications.

• Communication and Collaboration : Strong communication skills are essential for effectively communicating security requirements, risks, and recommendations to developers, stakeholders, and cross-functional teams, as well as collaborating on security initiatives and incident response efforts throughout the organization.

Position Qualifications: This professional will possess:

• Education: Bachelor’s degree in Cybersecurity, Computer Science, or a related field preferred. 

• Work Experience: at least 2 years of experience in application security or cyber security.

• Technology Experience: Skilled in SAST, DAST, and popular web application frameworks.

• Skills and Abilities: Excellent communication skills and a collaborative spirit.

Location: Open to hybrid after introductory period, would require some on-site presence.

Luminator's headquarters is based in Plano, Texas, located just north of downtown Dallas, and is a dynamic hub for corporate activity and was named the safest city by Forbes in 2011. Hosting headquarters for numerous Fortune 1000 companies along Preston Road, Plano is a vibrant center of business, drawing primarily business travelers who account for 80% of its visitors.

The city is enriched with extensive green spaces, including the 200-acre Arbor Hills Nature Preserve and the 800-acre Oak Point Park & Nature Preserve. Connected by scenic biking trails, these parks offer a range of outdoor activities, from zip lining to Tarzan swings, and are complemented by five recreation centers with pools, dog parks, and amphitheaters. Plano celebrates its community spirit with an annual balloon festival every September, attracting large crowds.

Educationally, Plano is served by Collin College and campuses of Southern Methodist University and Dallas Baptist University. It boasts a high educational attainment with 93% graduation rates in public schools, significantly outperforming nearby areas. Many graduates earn National Merit Scholar recognition.

Plano’s transport needs are met by the Dallas Area Rapid Transit (DART), providing efficient bus and light rail services. Culturally, the city thrives with over 700 restaurants, a lively downtown rated among the nation's best, and a robust retail scene, making it one of the most desirable places to live in the United States.

Luminator Technology Group is committed to provide a safe and drug-free work environment for our customers and our employees, as a condition of employment Luminator Technology Group will require a negative drug screen as a pre-employment process due to working on or with federal contracts.

It is the policy of Luminator to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, age, disability, marital status, citizenship, national origin, genetic information, or any other characteristic protected by law. Luminator prohibits any such discrimination or harassment.

The above described responsibilities and requirements are a general guide for the role you are applying for and are not all inclusive of the job requirements.

Luminator Technology Group does not accept staffing agency candidates for our postings.

It is the policy of Luminator to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, age, disability, marital status, citizenship, national origin, genetic information, or any other characteristic protected by law. Luminator prohibits any such discrimination or harassment.

The above described responsibilities and requirements are a general guide for the role you are applying for and are not all inclusive of the job requirements.

Luminator Technology Group does not accept staffing agency candidates for our postings.

All positions posted are required to be in office unless otherwise posted.

Powered by JazzHR