(Hybrid) Application Security Engineer

Application Security Engineer

$60B Publicly Traded Company

Chicago area Hybrid

Job Summary

As an Application Security Engineer, you will have significant visibility across the organization due to the critical nature of discovering and communicating high–risk vulnerabilities in applications. The progress of remediation teams is tracked via board–level key risk indicators (KRIs), making your contributions highly impactful. Your ability to interface with development teams and influence their security posture is crucial to the success of the security program.

Key Responsibilities

• Execute the application security risk management strategy by measuring program effectiveness and reporting risks.
• Conduct application security reviews and threat modeling.
• Ensure application releases comply with established security standards and policies.
• Help implement automated security testing processes within CI/CD and DevSecOps frameworks.
• Assist with pentesting activities.
• Provide guidance around security vulnerabilities and remediation paths.

Qualifications

• Background in Application security with some software engineering experience.
• Familiarity with security scanning tools, programming languages, OWASP top 10, SANS top 25, CVE, CVSS, CWE.
• Strong communication and presentation skills.
• Must have valid work authorization in the US. Company does not offer sponsorship.
• No C2C.

Benefits

• Medical, Dental, Vision, and Life insurance.
• 401k.
• Tuition Reimbursement, and much more!

Additional Information

• Position Type: W2.
• Compensation: Annual base salary + annual discretionary bonus.