Please scroll down, To apply

(Hybrid) Application Security Engineer

hiring now

Top Talent

2024-11-10 10:38:46

Job location Chicago, Illinois, United States

Job type: all

Job industry: Engineering

Job description

Application Security Engineer


$60B Publicly Traded Company


Chicago area Hybrid



Job Summary


As an Application Security Engineer, you will have significant visibility across the organization due to the critical nature of discovering and communicating high-risk vulnerabilities in applications. The progress of remediation teams is tracked via board-level key risk indicators (KRIs), making your contributions highly impactful. Your ability to interface with development teams and influence their security posture is crucial to the success of the security program.



  • You will be involved in discovering and communicating high-risk vulnerabilities and ensuring remediation efforts are tracked and reported at the executive level.

  • You will work closely with product engineering, software development, and infrastructure teams to secure a diverse product portfolio, and more.



Team Dynamics and Career Path



  • Team Size: You'll be part of a smaller sub-team of 3 within a wider engineering team of 6, supporting a development staff of roughly 300 across the organization.

  • Career Growth: This role is positioned for growth where you will have the opportunity to take on leadership of the Application Security program, along with a corresponding promotion.

  • Mentorship: You will work directly with the program lead, a senior engineer who will provide mentorship and support to help guide your development and success in the role.



Key Responsibilities



  • Execute the application security risk management strategy by measuring program effectiveness and reporting risks.

  • Conduct application security reviews and threat modeling.

  • Ensure application releases comply with established security standards and policies.

  • Help implement automated security testing processes within CI/CD and DevSecOps frameworks.

  • Assist with pentesting activities.

  • Provide guidance around security vulnerabilities and remediation paths.



Qualifications



  • Background in Application security with some software engineering experience.

  • Security scanning tools, programming languages, OWASP top 10, SANS top 25, CVE, CVSS, CWE

  • Strong communication and presentation skills.

  • Must have valid work authorization in the US. Company does not offer sponsorship.

  • No C2C.



Benefits



  • Medical, Dental, Vision, and Life insurance

  • 401k

  • Tuition Reimbursement, and much more!



Additional information



  • Position Type: W2

  • Compensation: Annual base salary + annual discretionary bonus.



Follow our LinkedIn company page to stay updated on our latest openings. (link removed)



Inform a friend!

<!– job description page –>
Top