**WHO YOU’LL WORK WITH** You’ll be a key member of the SecureCode team within the Application Security Consulting group, collaborating with Corporate Information Security and cross-functional teams across Nike. In this position, you will report directly to the Director of Information Security Engineering Consulting, ITC, and receive strategic guidance from the SecureCode leadership team based in the United States. Your responsibilities will include close collaboration with engineering, data, and product teams to integrate secure development practices, deliver meaningful security metrics, and effectively coordinate across the USA (PST, EST) and EMEA time zones. **WHO WE ARE LOOKING FOR** We’re looking for a Senior Application Security Engineer/Analyst with deep technical expertise in application security testing, data engineering, and metrics-driven security insights. You should be comfortable navigating ambiguity, learning on the fly, and leveraging emerging technologies—including GenAI services—to accelerate and automate security data pipelines. The candidate needs to have strong Information Security knowledge, extremely strong written and verbal communication skills and a demonstrated ability to communicate across all areas and levels of the business. They should also be able to comprehend complex business initiatives, leveraging excellent analytical and problem-solving skills. We are seeking a motivated self-starter who is has a track record of taking ownership of information security challenges and driving them to resolution. + Bachelor’s degree in Computer Science, Information Security, or Business Information Management, or equivalent work experience. + 5+ years of progressive experience in information security, application security engineering, or cybersecurity consulting. + Deep expertise in Application Security Testing (AST) tools, prefrebly including SAST, DAST, SCA, SBOM analysis, and Mobile AST. + Strong experience integrating security into CI/CD pipelines using tools like GitHub Actions and Jenkins. + Proficiency in Python scripting, API development, and working with structured, semi-structured, and unstructured data. + Hands-on experience with SQL, NoSQL, and platforms such as MongoDB and Databricks; solid understanding of ETL fundamentals and API-based data ingestion. + Familiarity with cloud-native and serverless architectures, including event-driven patterns and AWS services such as EKS, ECS, Lambda, Bedrock, DocumentDB, DynamoDB, and RDS. + Knowledge of threat modeling and secure design review methodologies. + Demonstrated ability to communicate effectively across technical and executive audiences, adjusting style and approach as needed. + Strong analytical and problem-solving skills with a track record of resolving complex challenges. + Ability to lead cross-functional collaboration, build stakeholder relationships, and drive consensus in a global, matrixed environment. + Familiarity with security standards, regulatory frameworks, and cloud security best practices. + Adaptability to evolving threats and technologies in a fast-paced cybersecurity landscape. + Security certifications such as CISSP, CSSLP, CCSP, CISM, or CRISC are preferred but not required. **WHAT YOU’LL WORK ON** If this is you, you’ll be working with the Application Security Consulting SecureCode team to perform these key tasks: + Design and implement cybersecurity metrics (KPIs/KRIs) to measure control effectiveness and program reach. + Build centralized reporting capabilities and integrate metrics into dashboards using Tableau, PowerBI, and Databricks. + Analyze large, complex datasets to identify trends, anomalies, and actionable insights. + Collaborate with global engineering and DevOps teams to integrate security tooling into CI/CD pipelines. + Prepare executive-level reports and committee summaries on security posture and risk trends. + Maintain documentation and process repositories to support compliance and continuous improvement. + Stay current with industry trends, regulatory requirements, and best practices in application security metrics and reporting. NIKE, Inc. is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, protected veteran status, or disability. NIKE is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call +1 503-671-4156 and let us know the nature of your request, your location and your contact information.