Waste Management is embarking on an ambitious technology transformation and is looking for a Principal Application Security Engineer to define and drive the application security strategy across the organization. The role involves leading the design and implementation of application security architecture, embedding security controls into CI/CD pipelines, and collaborating with developers, infrastructure teams, and security stakeholders.
Requirements
- Lead the design and implementation of application security architecture and engineering across enterprise applications
- Embed security controls and best practices into CI/CD pipelines and DevSecOps workflows
- Evaluate, implement, and operate application security tooling (e.g., SAST, DAST, IAST, container security and related capabilities)
- Define, develop, and maintain application security metrics, reporting, and dashboards
- Engage and collaborate with third-party vendors to assess and validate the security capabilities of applications and services
- Provide guidance and mentorship on application security standards, risk management, and compliance requirements
- Participate in occasional off-hours support as needed to support troubleshooting or emerging threats
- Manage security audit and intrusion detection system logs for system and network anomalies
- Respond to unique, highly complicated, suspicious or malicious events detected through collection or reported by Help Desk or users
- Provide technically advanced remediation and application event support to IT operations and engineering teams
- Perform initial computer system forensic investigations and support fraud investigations
- Communicate technical and event assessment results, evaluate engineering and integration initiatives, and provide technical expertise to assess security policies, standards and guidelines
- Develop, collect and analyze logs from firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools
- Review and recommend the installation, modification or replacement of hardware or software components
- Identify and address any configuration change(s) that impact event collection
Benefits
- Medical, Dental, Vision, Life Insurance and Short Term Disability
- Stock Purchase Plan
- Company match on 401K
- Paid Vacation
- Holidays
- Personal Days