Job Ref: 174461
Location: Providence, RI 02903
Location Flexibility: Remote
Category: IT
Job Type: Full-time
Job Status: Exempt
Anticipated Closing Date: Jan. 30, 2026
Pay Basis: Yearly
Pay Range: 100200.00 - 193400.00 Annually; 48.17 - 92.98 Hourly
Brand: UNFI
Job Overview

The Senior Cybersecurity Engineer, Application Security is responsible for protecting our organization's software applications and services from threats by embedding security practices into the software development lifecycle (SDLC). The role functions as part of the cybersecurity operations team and collaborates cross-functionally with Application Development, Threat Intelligence, Vulnerability Management, Threat Emulation, and Security Architecture teams to identify vulnerabilities, perform assessments to build secure applications, and promote a culture of security. This position plays a critical role in safeguarding sensitive data, maintaining compliance, and reducing application-layer risk in cloud, web, mobile, and API environments. The role is expected to independently lead engagements from conception to completion, communicate technical details to partners and senior leadership, mentor junior staff, and provide technical direction to the program.
What does it mean to be part of the Information Technology Team?

A role in Information Technology at UNFI involves being a part of the transformation of food for all through many innovative technology products, such as myUNFI (our customer ordering platform) or our warehouse management systems that optimize service. You will have an opportunity to be a part of the technology journey to transform food for all through collaboration and building solutions across teams that directly contribute to our OneUNFI strategy. Roles include network automation, infrastructure unification and modernization, data services and analytics, and digital offering.
Job Responsibilities

- Conduct security-focused code reviews, static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and interactive application security testing (IAST)
- Triage and prioritize findings from automated security scans and penetration testing results; provide actionable remediation guidance to developers
- Collaborate with software development teams to integrate security tools and best practices into CI/CD pipelines (e.g., secret scanning, dependency checking, secure coding standards)
- Develop and maintain security tools, scripts, frameworks, and automation to scale application security efforts
- Support vulnerability assessments, penetration testing, and red team exercises on applications
- Provide security consulting and training to development teams on secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and emerging threats
- Monitor emerging application security trends, vulnerabilities (e.g., CVEs), and attack techniques; contribute to incident response when application exploits occur
- Ensure applications align with relevant standards and regulations (e.g., NIST, OWASP, PCI-DSS, SOC 2)
- Create and update security documentation, policies, and threat models as needed
- Compiles and analyzes data for management reporting and metrics as directed
- Demonstrates expert-level knowledge and skills in the technical, process, organizational, and philosophical aspects of application security
- Performs other duties as assigned
Job Requirements

Education / Certifications

- BA/BS in Computer or Cybersecurity domain
- Relevant certifications such as OSCP, GWAPT, CSSLP, CEH, CISSP, or cloud security certs (e.g., AWS Security Specialty)

Experience

- 6 years of experience in application security, secure software development, penetration testing, or related cybersecurity roles in a large, highly diverse, and distributed environment
- Strong understanding of web application vulnerabilities (OWASP Top 10) and secure coding principles
- Proficiency in at least one or more programming languages (e.g., Python, Java, JavaScript, C)
- Hands-on experience with AppSec tools such as:
  - SAST: Snyk, Veracode, SonarQube, Checkmarx, CodeQL
  - DAST: Snyk, OWASP ZAP, Burp Suite, Veracode
  - SCA: Snyk, Dependabot, Black Duck, OWASP Dependency-Check
  - Other: Wiz, GitHub Advanced Security, or similar
- Familiarity with cloud platforms (AWS, Azure, GCP) and container/orchestration technologies (Docker, Kubernetes)
- Experience with DevSecOps practices and integrating security into CI/CD pipelines
- Knowledge of secure SDLC methodologies, threat modeling (e.g., STRIDE, PASTA), and secure design patterns
Knowledge / Skills / Abilities

- Excellent written, verbal, and interpersonal communication skills - able to explain technical security issues to non-technical stakeholders and collaborate effectively with developers
- Analytical mindset with strong problem-solving abilities
- Proactive, detail-oriented, and able to manage multiple priorities
- Ability to translate technical findings into actionable insights
- Ability to mentor junior staff and transfer technical knowledge, as well as contribute to the team's knowledge sharing
- Strong independent direction and ability to multi-task
- Flexible and adaptable to learning and understanding new technologies
- Ability to work extremely well under pressure while maintaining a professional image and approach
- Team player with proven ability to work effectively with other business units, IT management and staff, vendors, and consultants
- Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause
- Comfortable discussing complex findings and issues with a variety of audiences, including C-suite level
- Self-driven and able to reach deadlines on time with minimal direction
- Passion for cybersecurity and staying current with evolving threats
Work Environment

Remote Role: This position is classified as remote, where the associate will perform remote work from their primary residence. Remote associates are welcome to work from the office but are not required to do so. While remote associates are not required to work from an office on a regular basis, they may be required to come to the office or other UNFI locations for necessary business reasons or if directed to do so by their manager.
Physical Environment/Demands

Office Roles:

- Most work is performed in a temperature-controlled office environment.
- Incumbent may sit for long periods of time at a desk or computer terminal.
- While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear.
- Incumbent may use calculators, keyboards, telephones, and other office equipment during a normal workday.
- Stooping, bending, twisting, and reaching may be required in the completion of job duties.

The above statements are intended to describe the general nature of the work performed by the employees assigned to this job. All employees must comply with Company policy and applicable laws. The responsibilities, duties, and skills required of personnel so classified may vary within each department and/or location.
About UNFI

We are North America's premier grocery wholesaler, delivering the widest variety of fresh, branded, and owned brand products to community grocers and retail chains alike. A pioneer in natural and organic foods, we are growing and transforming to meet the needs of an evolving workplace. Our 29000 employees work across America in our 50 Distribution Centers and corporate offices. Learn more: Organic, Natural and Conventional Food | Wholesale Food Distributors | UNFI
Benefits: Competitive 401k, Flexible PTO, Remote, Health benefits - first of the month following 30 days of employment, mentorship program/developmental opportunities.

UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. All qualified applicants will receive equal consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, protected veteran status, or other protected ground. Accommodation is available upon request for candidates taking part in all aspects of the job selection process. - M/F/Veteran/Disability. VEVRAA Federal Contractor.

Company: United Natural Foods Inc.
Compensation: UNFI anticipates paying the above-referenced pay rate or within the above-referenced pay range for this position. Actual pay, where applicable, will depend on a number of factors, including but not limited to education, experience, training, and any requirements under applicable collective bargaining agreements. UNFI is committed to transparency in pay in compliance with applicable state/provincial and local laws.
Benefits: For Washington positions or positions that may be performed remotely from Washington: Click HERE for Washington-specific paid time off details. Candidates hired into this position will also be eligible to participate in the following benefits programs: Paid Time Off, Sick Time, paid holidays, and parental leave; 401K Program (or retirement savings plan if in Canada); medical, dental, vision, life, and accidental death/dismemberment insurance; short-term and long-term disability insurance program; Flexible Spending Account and/or Health Savings Account (U.S. only), subject to meeting the eligibility requirements and the terms and conditions of these programs and subject to any requirements under applicable collective bargaining agreements.

Sales Positions Only: For sales positions that are commission-based, the above range is an estimate of total potential commission-based compensation during an associate's first year, but UNFI offers an introductory period minimum of 680 per week. After the introductory period, as a 100% commission-based role, there is no set salary. UNFI's commission plans are uncapped, and average earnings vary depending on territory and sales achieved, among other factors.

UNFI's compensation, benefits, and paid time off policies are subject to change in the Company's sole discretion, consistent with applicable law. This job posting should not be construed as an offer of employment with certain terms, nor should it be construed as a guaranteed minimum. Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act, or for Canadian applicants in accordance with provincial human rights legislation.