AppSec Jobs
← Back to all jobs

WM

Principal Application Security Engineer

Houston, TXWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About WM

WM (Waste Management, Inc.) is North America's leading provider of waste management, recycling, and environmental services. Founded in 1968, the company has grown to serve nearly 21 million residential, industrial, municipal, and commercial customers across the United States, Canada, and Puerto Rico. Headquartered in Houston, Texas, WM emphasizes sustainability through practices such as integrated collection and landfill management. WM offers a wide range of services, including residential trash and recycling pickup, commercial waste solutions, roll-off dumpster rentals, and specialized services for industrial and hazardous waste. The company also provides environmental services like groundwater protection and air management. With a commitment to safety, diversity, and customer focus, WM operates the largest trucking fleet in the industry and utilizes advanced technology to enhance sustainability. The recent acquisition of Stericycle allows WM to expand its offerings into medical waste and paper shredding, further solidifying its role as a comprehensive waste management provider.

Industry

environmental services

Employees

62,000

448 engineers

Revenue

$25B

Website

Visit →

Security at WM

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • WM's AppSec philosophy centers on 'defining and driving' a centralized strategy that aligns with the NIST Cybersecurity Framework.
  • A core priority is developer enablement through the embedding of security controls and best practices directly into CI/CD pipelines, moving away from traditional gatekeeping toward a modernized design and deployment model.

Security Team

WM's cybersecurity programs are led by Chief Information Security Officer (CISO) Jerich Beason, who reports into the digital organization overseen by CIO John Varkey. The Audit Committee provides board-level oversight. While the exact size of the Application Security team is not publicly disclosed, the company is actively hiring for leadership roles, such as a Principal Application Security Engineer, to drive strategy. Key Leaders: 1. Jerich Beason, CISO 2. John Varkey, SVP & CIO

Key Initiatives

Current initiatives at WM include 'shifting left' by embedding security within the SDLC and DevSecOps pipelines. The team is focused on driving the adoption of secure coding standards and threat modeling across engineering teams. Additionally, there is a significant effort to implement supply chain security measures, including SBOM and attestation. There is no public evidence of an active Security Champions program.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.