AppSec Jobs
← Back to all jobs

Wawa, Inc.

Application Security Engineer

Media, PAWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Wawa, Inc.

Wawa, Inc. is a privately held convenience store and gas station chain based in Chester Heights, Pennsylvania. Founded in 1803, Wawa has evolved from an iron foundry to a prominent convenience store operator, incorporating in 1968. The company operates over 500 locations across the East Coast, including states like Pennsylvania, New Jersey, and Florida. Wawa is known for its 24/7 service and a wide range of offerings, including freshly prepared food such as hoagies, breakfast sandwiches, salads, and coffee. In addition to food, Wawa provides traditional convenience store items like snacks, beverages, and tobacco products, along with fuel services at many locations. The company has built a loyal customer base by focusing on quality products and exceptional service, contributing to its strong regional identity and estimated sales of $18.5 billion in 2023.

Industry

retail

Employees

46,000

150 engineers

Revenue

$19B

Website

Visit →

Security at Wawa, Inc.

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Wawa's application security philosophy emphasizes building security into the SDLC, proactive vulnerability management, continuous improvement of security processes, collaboration with development teams, and adherence to industry best practices and compliance standards (PCI DSS, ISO/IEC 27001, NIST 800-53).

Security Team

The Application Security Team is led by Mike Depaul. Key roles include Application Security Senior Engineers. The team ensures security is built into internally developed applications.

Key Initiatives

  • Key initiatives include building security into internally developed applications, day-to-day operations, building and operating application security tooling and automation, engaging with developers and product owners for issue resolution, secure software development across the SDLC, improving application security processes, incident response support, security reviews, penetration tests, and threat modeling.
  • They also focus on developing secure coding practices, testing applications against threats, and operating application security vulnerability management.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.