Senior Application Security & Compliance Analyst

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems, or a relevant technical area, or equivalent demonstrated experience.
• People Management: Proven experience leading teams of senior technical contributors or architects.
• Platform Expertise: Minimum of 5 years of experience as a Software Solution Architect with a focus on eCommerce or Salesforce technology (Commerce, Marketing, Sales, Data 360, and CPQ).
• Security Depth: 8+ years of progressive experience in Information Security or Security Engineering, with specific expertise in OWASP Top 10, API security, and Edge Security (Cloudflare/CDN).
• DevSecOps Tooling: Hands-on experience with GitHub SaaS, SonarQube, and Atlassian Tools.

Nice To Haves

• Expert-level knowledge of Cloudflare CDN, including WAF/WAAP tuning, Bot Management, and performance optimization.
• Deep knowledge of security principles in cloud environments (AWS/GCP) and securing complex SaaS solutions.
• Hands-on experience with security testing tools (vulnerability scanners, SAST, DAST) and SSO protocols (SAML, OAuth).
• Proven experience securing headless or composable SaaS architectures like Contentful, Coveo, and Bynder.
• Exceptional ability to articulate complex security and edge delivery risks to non-technical CX stakeholders.

Responsibilities

• SaaS Governance and Configuration: Lead the security configuration and account management for the CX SaaS stack (including Coveo, Contentful, Viamedici, Bynder) and manage Customer Data Architecture (CDA) SaaS integrations to ensure secure data exchange.
• Application and Infrastructure Security: Lead the end-to-end setup and management of Cloudflare CDN services, overseeing WAF/WAAP, Bot Management, DDoS protection, CDN optimization, and SSL/TLS/DNS management.
• Application Security Lifecycle and Identity Management: Conduct deep-dive security reviews, coordinate the lifecycle of penetration testing and vulnerability remediation, and directly oversee Okta CIAM implementation, security, and permission model auditing.
• Compliance and Vendor Transition: Serve as the technical lead for PCI compliance across the CX ecosystem and successfully transition legacy security and CDN management functions from external providers to internal operations.

Benefits

• We care about and support our Airgas Families. This is evident not only through our competitive compensation but also through a comprehensive benefits package that includes medical, dental, and vision plans, short-term and long-term disability, life and accidental death and dismemberment (AD&D) insurance, Employee Assistance Program (EAP), pre-tax commuter transportation benefit, parental leave, vacation, sick time, floating holidays, jury duty and funeral/bereavement leave, and paid holidays for all eligible full-time employees. Additionally, we offer our eligible employees a 401k plan with company matching funds, tuition reimbursement, discounted college tuition for eligible employees’ dependents, and an Airgas Scholarship Program for dependent children. Associates who are members of collective bargaining units should review their bargaining agreement to determine whether they are eligible for some or all of the benefits described here and to see any special terms or conditions for eligibility.